{"id":"USN-6178-1","summary":"Several security issues were fixed in SVG++ library","details":"It was discovered that in SVG++ library that the demo application incorrectly \nmanaged memory resulting in a memory access violation \nunder certain circumstances. An attacker could possibly use this issue \nto leak memory information or run a denial of service attack.\nThis issue only affected Ubuntu 18.04 LTS. (CVE-2019-6246)\n\nIt was discovered that in SVG++ library that the demo application \nincorrectly handled null pointers under certain circumstances. \nAn attacker could possibly use this issue to cause \ndenial of service, leak memory information or manipulate \nprogram execution flow. (CVE-2021-44960)\n","modified":"2026-04-27T16:47:17.142553772Z","published":"2023-06-19T18:38:42Z","related":["UBUNTU-CVE-2019-6246","UBUNTU-CVE-2021-44960"],"upstream":["CVE-2019-6246","CVE-2021-44960","UBUNTU-CVE-2019-6246","UBUNTU-CVE-2021-44960"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6178-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2019-6246"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-44960"}],"affected":[{"package":{"name":"svgpp","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/svgpp@1.2.3+dfsg1-3ubuntu1+esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.3+dfsg1-3ubuntu1+esm1"}]}],"versions":["1.2.3+dfsg1-3","1.2.3+dfsg1-3ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.2.3+dfsg1-3ubuntu1+esm1","binary_name":"libsvgpp-dev"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6178-1.json","cves_map":{"cves":[{"id":"CVE-2019-6246","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"negligible"}]},{"id":"CVE-2021-44960","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"negligible"}]}],"ecosystem":"Ubuntu:Pro:18.04:LTS"}}},{"package":{"name":"svgpp","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/svgpp@1.3.0+dfsg1-3ubuntu2.22.04.1?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.0+dfsg1-3ubuntu2.22.04.1"}]}],"versions":["1.3.0+dfsg1-3ubuntu2"],"ecosystem_specific":{"binaries":[{"binary_version":"1.3.0+dfsg1-3ubuntu2.22.04.1","binary_name":"libsvgpp-dev"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6178-1.json","cves_map":{"cves":[{"id":"CVE-2021-44960","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"negligible"}]}],"ecosystem":"Ubuntu:22.04:LTS"}}}],"schema_version":"1.7.5"}