CVE-2023-27586: CairoSVG improperly processes SVG files loaded from external resources
(updated )
When CairoSVG processes an SVG file, it can make requests to the inner host and different outside hosts.
When CairoSVG processes an SVG file, it can send requests to external hosts and wait for a response from the external server after a successful TCP handshake. This will cause the server to hang. It seems this bug can affect websites or servers and cause a complete freeze while uploading this PoC file to the server.
Specially crafted SVG file that opens /proc/self/fd/1 or /dev/stdin results in a hang with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SVG file. It seems this bug can affect websites or servers and cause a complete freeze while uploading this PoC file to the server.
References
- github.com/Kozea/CairoSVG
- github.com/Kozea/CairoSVG/commit/12d31c653c0254fa9d9853f66b04ea46e7397255
- github.com/Kozea/CairoSVG/commit/33007d4af9195e2bfb2ff9af064c4c2d8e4b2b53
- github.com/Kozea/CairoSVG/releases/tag/2.7.0
- github.com/Kozea/CairoSVG/security/advisories/GHSA-rwmf-w63j-p7gv
- github.com/advisories/GHSA-rwmf-w63j-p7gv
- github.com/pypa/advisory-database/tree/main/vulns/cairosvg/PYSEC-2023-9.yaml
- nvd.nist.gov/vuln/detail/CVE-2023-27586
Detect and mitigate CVE-2023-27586 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →