sammycage 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は バッファオーバーフロー and vendor risk memory corruption に関連することが多く、vendor surface software deployment and vendor surface production workloads の文脈で アプリケーションクラッシュ and vendor impact memory corruption などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2024-55456 | lunasvg v3.0.1 was discovered to contain a segmentation violation via the component gray_find_cell | [email protected] | 6.5 | 0.11% | 2025-02-03 | 2025-04-15 |
| CVE-2024-57724 | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component gray_record_cell. | [email protected] | 6.5 | 0.30% | 2025-01-23 | 2025-04-15 |
| CVE-2024-57723 | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component composition_source_over. | [email protected] | 6.5 | 0.30% | 2025-01-23 | 2025-04-15 |
| CVE-2024-57722 | lunasvg v3.0.0 was discovered to contain a allocation-size-too-big bug via the component plutovg_surface_create. | [email protected] | 7.5 | 0.36% | 2025-01-23 | 2025-04-15 |
| CVE-2024-57721 | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_path_add_path. | [email protected] | 6.5 | 0.30% | 2025-01-23 | 2025-04-15 |
| CVE-2024-57720 | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component plutovg_blend. | [email protected] | 6.5 | 0.30% | 2025-01-23 | 2025-04-15 |
| CVE-2024-57719 | lunasvg v3.0.0 was discovered to contain a segmentation violation via the component blend_transformed_tiled_argb.isra.0. | [email protected] | 6.5 | 0.14% | 2025-01-23 | 2025-04-15 |
| CVE-2024-33768 | lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source_over. | [email protected] | 9.8 | 0.17% | 2024-05-01 | 2025-04-15 |
| CVE-2024-33767 | lunasvg v2.3.9 was discovered to contain a segmentation violation via the component composition_solid_source. | [email protected] | 5.0 | 0.03% | 2024-05-01 | 2025-04-15 |
| CVE-2024-33766 | lunasvg v2.3.9 was discovered to contain an FPE (Floating Point Exception) at blend_transformed_tiled_argb.isra.0. | [email protected] | 5.3 | 0.10% | 2024-05-01 | 2025-04-15 |
| CVE-2024-33764 | lunasvg v2.3.9 was discovered to contain a stack-overflow at lunasvg/source/element.h. | [email protected] | 5.5 | 0.04% | 2024-05-01 | 2025-03-13 |
| CVE-2024-33763 | lunasvg v2.3.9 was discovered to contain a stack-buffer-underflow at lunasvg/source/layoutcontext.cpp. | [email protected] | 7.5 | 0.10% | 2024-05-01 | 2025-04-15 |
| CVE-2023-44709 | PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discovered to contain an integer overflow via the component plutosvg_load_from_memory. | [email protected] | 9.8 | 0.22% | 2023-12-14 | 2024-11-21 |