Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description 2D graphics library with support for multiple output devices
Version 1.16.0-1 [extra]


Group Affected Fixed Severity Status Ticket
AVG-826 1.16.0-1 Critical Vulnerable
AVG-277 1.15.14-1 Low Vulnerable
Issue Group Severity Remote Type Description
CVE-2018-19876 AVG-826 Critical Yes Arbitrary code execution
A memory-corruption issue has been found in cairo versions <= 1.16.0, in the cairo_ft_apply_variations() function in cairo-ft-font.c. This function frees...
CVE-2017-7475 AVG-277 Low No Denial of service
Cairo is vulnerable to a NULL pointer dereference related to the FT_Load_Glyph and FT_Render_Glyph resulting in an application crash.