Vulnerability Details CVE-2018-17332
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-17332
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-10
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-11
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-12
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-15
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-16
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-17
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-18
-
cpe:2.3:a:libsvg2_project:libsvg2:2012-10-19