OSV-2025-202

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/librsvg/OSV-2025-202.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2025-202
Published
2025-03-15T00:01:51.127135Z
Modified
2026-07-13T14:12:16.099781Z
Summary
UNKNOWN READ in _blit_xrgb32_lerp_spans
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=402836107

Crash type: UNKNOWN READ
Crash state:
_blit_xrgb32_lerp_spans
_cairo_rectangular_scan_converter_generate
composite_boxes
References

Affected packages

OSS-Fuzz / librsvg

Package

Name
librsvg
Purl
pkg:generic/librsvg

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/GNOME/librsvg.git
Events

Affected versions

2.*
2.58.92
2.58.93
2.58.94
2.59.0
2.59.0-beta.2
2.59.0-beta.3
2.59.0-beta.4
2.59.1
2.59.2
2.59.90
2.59.91
2.60.0
2.60.0-beta.0
2.60.0-beta.1
2.60.1
2.60.2
2.61.0
2.61.1
2.61.2
2.61.3
2.61.4
2.61.90
2.61.91
2.61.92
2.62.0
2.62.0-beta.0
2.62.0-beta.1
2.62.0-beta.2
2.62.1
2.62.2
2.62.3
2.62.90
2.63.0-beta.0

Ecosystem specific

{
    "severity": "MEDIUM"
}

Database specific

introduced_range
"e32687a7f960a99672635758812b8e7e8e184933:c068311e4f218002e7d1cbf7419a051299cbeeb8"
source
"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/librsvg/OSV-2025-202.yaml"