Known Vulnerabilities for Cairo by Cairographics
Listed below are 10 of the newest known vulnerabilities associated with "Cairo" by "Cairographics".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-35492 | A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide ... | 7.8 - HIGH | 2021-03-18 | 2023-05-03 |
| CVE-2019-6462 | An issue was discovered in cairo 1.16.0. There is an infinite loop in the function _arc_error_normalized in the file cairo-ar... | 6.5 - MEDIUM | 2019-01-16 | 2023-11-07 |
| CVE-2019-6461 | An issue was discovered in cairo 1.16.0. There is an assertion problem in the function _cairo_arc_in_direction in the file ca... | 6.5 - MEDIUM | 2019-01-16 | 2023-11-07 |
| CVE-2018-19876 | cairo 1.16.0, in cairo_ft_apply_variations() in cairo-ft-font.c, would free memory using a free function incompatible with We... | 6.5 - MEDIUM | 2018-12-05 | 2019-01-31 |
| CVE-2018-18064 | cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because o... | 6.5 - MEDIUM | 2018-10-08 | 2023-11-07 |
| CVE-2017-9814 | cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read)... | 7.5 - HIGH | 2017-07-17 | 2023-11-07 |
| CVE-2017-7475 | Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting i... | 5.5 - MEDIUM | 2017-05-19 | 2023-02-12 |
| CVE-2016-9082 | Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid poin... | 5.5 - MEDIUM | 2017-02-03 | 2019-04-02 |
| CVE-2016-3190 | The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to caus... | 7.5 - HIGH | 2016-04-21 | 2018-10-30 |
| CVE-2014-5116 | The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers ... | 5 - MEDIUM | 2014-07-29 | 2014-07-30 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Cairographics | Cairo | 1.8.8 | All | All | All |
| Application | Cairographics | Cairo | 1.8.6 | All | All | All |
| Application | Cairographics | Cairo | 1.8.4 | All | All | All |
| Application | Cairographics | Cairo | 1.8.2 | All | All | All |
| Application | Cairographics | Cairo | 1.8.10 | All | All | All |
| Application | Cairographics | Cairo | 1.8.0 | All | All | All |
| Application | Cairographics | Cairo | 1.6.4 | All | All | All |
| Application | Cairographics | Cairo | 1.6.2 | All | All | All |
| Application | Cairographics | Cairo | 1.6.0 | All | All | All |
| Application | Cairographics | Cairo | 1.4.8 | All | All | All |
| Application | Cairographics | Cairo | 1.4.6 | All | All | All |
| Application | Cairographics | Cairo | 1.4.4 | All | All | All |
| Application | Cairographics | Cairo | 1.4.2 | All | All | All |
| Application | Cairographics | Cairo | 1.4.14 | All | All | All |
| Application | Cairographics | Cairo | 1.4.12 | All | All | All |
| Application | Cairographics | Cairo | 1.4.10 | All | All | All |
| Application | Cairographics | Cairo | 1.4.0 | All | All | All |
| Application | Cairographics | Cairo | 1.2.6 | All | All | All |
| Application | Cairographics | Cairo | 1.2.4 | All | All | All |
| Application | Cairographics | Cairo | 1.2.2 | All | All | All |