Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
libcroco 安全漏洞
Vulnerability Description
libcroco是一个CSS2解析库。 libcroco 0.6.11版本和0.6.12版本中的cr-tknzr.c文件的‘cr_tknzr_parse_rgb’函数存在安全漏洞。远程攻击者可借助特制的CSS文件利用该漏洞造成拒绝服务(应用程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A