Vulnerabilities (CVE)

Filtered by vendor Gnome Subscribe
Filtered by product Libgxps
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10733 3 Gnome, Opensuse, Redhat 6 Libgxps, Leap, Ansible Tower and 3 more 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.
CVE-2018-10767 2 Gnome, Redhat 5 Libgxps, Ansible Tower, Enterprise Linux Desktop and 2 more 2019-10-03 4.3 MEDIUM 6.5 MEDIUM
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack.
CVE-2017-11590 1 Gnome 1 Libgxps 2017-07-28 4.3 MEDIUM 7.5 HIGH
There is a NULL pointer dereference in the caseless_hash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack.