PT-2016-5895 · Gnome+1 · Librsvg+1

Brian May · Published 2014-03-18 · Updated 2018-10-30 · CVE-2016-4348

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

librsvg version 2.40.2

Description

The issue allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document. It occurs in the _rsvg_css_normalize_font_size function.

Recommendations

For librsvg version 2.40.2, consider updating to a newer version that addresses this issue, because the current version can be crashed by a specially crafted SVG document. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE


Weakness Enumeration

Related Identifiers

ALT-PU-2014-1310
CVE-2016-4348
DLA-477-1
DSA-3584-1

Affected Products

Alt Linux
Librsvg