CVE-2011-3146

Published: Sep 6, 2012
Updated: Apr 13, 2023
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2011-3146" target="_blank" rel="noopener"> CVE-2011-3146
Severity: Medium
Exploit:

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.