Vulnerability Details CVE-2021-44960
In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101.aa
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101.aa
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html