inkscape 漏洞与 CVE 列表(10)

产品(CPE): — CVE 数: 10

inkscape 漏洞概览

汇总 inkscape 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。

常见弱点模式包括 XXE、缓冲区溢出与内存损坏,在 生产负载与软件部署 使用场景中可能带来 应用崩溃与内存损坏 等风险。

相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。

漏洞分布趋势(近 24 个月)

显示 11010 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-4980 A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:include tags. [email protected] 6.3 0.20% 2026-03-27 2026-06-17
CVE-2021-42704 Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. [email protected] 7.8 1.34% 2022-05-18 2026-06-17
CVE-2021-42702 Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. [email protected] 3.3 0.83% 2022-05-18 2026-06-17
CVE-2021-42700 Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. [email protected] 3.3 0.69% 2022-05-18 2026-06-17
CVE-2012-6076 Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts. [email protected] 4.4 0.49% 2013-03-12 2026-06-16
CVE-2012-5656 The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. [email protected] 5.5 1.16% 2013-01-18 2026-06-16
CVE-2007-1464 Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. [email protected] 6.8 3.22% 2007-03-21 2026-06-16
CVE-2007-1463 Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. [email protected] 6.8 3.36% 2007-03-21 2026-06-16
CVE-2005-3885 The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. [email protected] 2.1 0.35% 2005-11-29 2026-06-16
CVE-2005-3737 Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. [email protected] 5.1 13.42% 2005-11-21 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence