JLSEC-2025-17
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-17.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-17.json
- JSON Data
- https://api.osv.dev/v1/vulns/JLSEC-2025-17
- Upstream
- Published
- 2025-10-10T13:22:08.213Z
- Modified
- 2025-11-06T23:02:42.254676Z
- Summary
- A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4
- Details
-
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
- Database specific
{ "license": "CC-BY-4.0", "sources": [ { "id": "CVE-2020-35492", "imported": "2025-10-09T21:00:34.751Z", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-35492", "modified": "2024-11-21T05:27:24.803Z", "published": "2021-03-18T19:15:13.230Z", "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35492" } ] }- References