Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2017-8834

Published: 12 June 2017

The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.

Priority

Low

CVSS 3 base score: 6.5

Status

Package Release Status
libcroco
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Needed

cosmic Ignored
(reached end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Needed

groovy Ignored
(reached end-of-life)
hirsute Does not exist

impish Does not exist

jammy Does not exist

kinetic Does not exist

precise Ignored
(end of ESM support, was needed)
trusty Needed

upstream Ignored

xenial
Released (0.6.11-1ubuntu0.1~esm1)
yakkety Ignored
(reached end-of-life)
zesty Ignored
(reached end-of-life)
Patches:
other: https://bugzilla.gnome.org/attachment.cgi?id=374219