user/libcroco: Multiple vulnerabilities
| Bugzilla ID | 287 |
| Alias(es) | CVE-2020-12825 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-15 16:38:19 -0500 |
| Modified | 2020-10-30 22:33:38 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/libcroco |
Description
libcroco through 0.6.13 has excessive recursion in
cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
No fix yet https://gitlab.gnome.org/GNOME/libcroco/-/issues/8