CVE-2026-31899 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive element amplificati…
High CVSS: 7.5

CVE-2026-31899

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive <use> element amplification in cairosvg/defs.py. This causes CPU exhaustion from a small input.
Vendor
Courtbouillon
Product
Cairosvg
CWE
CWE-674
Yayın Tarihi
2026-03-13 19:54:38
Güncelleme
2026-03-18 15:16:48
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-674 Cairosvg HIGH Courtbouillon 2026

Referanslar

https://github.com/Kozea/CairoSVG/commit/6dde8685ed3f19837767bce7a13a5491e3d0e0bf https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c