CVE-2016-3190
Public on 2016-04-21
Modified on 2020-07-15
Description
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | cairo | 2020-07-16 | ALAS-2020-1392 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv2 | 4.3 | AV:N/AC:M/Au:N/C:N/I:N/A:P |