Seal Security

CVE-2017-7475

cairo is vulnerable to denial of service due to a null pointer dereference

Cairo version 1.15.4 is vulnerable to a NULL pointer dereference related to the `FT_Load_Glyph` and `FT_Render_Glyph` resulting in an application crash.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Fix without upgrading

Vulnerability Details

Score

5.4

Score Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Versions

cairo >= 1.15.4 < 1.15.5

Severity

Medium

Ecosystem

Publish Date

November 15, 2017

Modified Date

November 7, 2023