In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote malicious users to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
graphicsmagick graphicsmagick |
||
opensuse leap 42.3 |
||
opensuse leap 15.0 |