{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T15:48:06.174","vulnerabilities":[{"cve":{"id":"CVE-2019-1010258","sourceIdentifier":"josh@bress.net","published":"2019-05-15T18:29:00.263","lastModified":"2024-11-21T04:18:06.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf42c29726 is affected by: Buffer Overflow. The impact is: Memory corruption leading to at least DoS. More severe impact vectors need more investigation. The component is: it's part of a svg processing library. function nsvg__parseColorRGB in src/nanosvg.h / line 1227. The attack vector is: It depends library usage. If input is passed from the network, then network connectivity is enough. Most likely an attack will require opening a specially crafted .svg file."},{"lang":"es","value":"nanosvg library nanosvg despues de busc1f6e209c16b18b46aa9f45d7e619acf42c29726 se ve afectada por: Buffer Overflow. El impacto es: daño de memoria que lleva al menos a DoS. Los vectores de impacto más severos necesitan más investigación. El componente es: es parte de una biblioteca de procesamiento svg. función nsvg__parseColorRGB en src / nanosvg.h / line 1227. El vector de ataque es: Depende del uso de la biblioteca. Si la entrada se pasa desde la red, entonces la conectividad de la red es suficiente. Lo más probable es que un ataque requiera abrir un archivo .svg especialmente diseñado."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nanosvg_project:nanosvg:-:*:*:*:*:*:*:*","matchCriteriaId":"C22B5C89-A38B-4132-B90F-A58EEC770141"}]}]}],"references":[{"url":"https://0day.work/cve-2019-1000032-memory-corruption-in-nanosvg/","source":"josh@bress.net","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/memononen/nanosvg/","source":"josh@bress.net","tags":["Third Party Advisory"]},{"url":"https://github.com/memononen/nanosvg/issues/136","source":"josh@bress.net","tags":["Exploit","Third Party Advisory"]},{"url":"https://0day.work/cve-2019-1000032-memory-corruption-in-nanosvg/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/memononen/nanosvg/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/memononen/nanosvg/issues/136","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}