Vulnerabilities > CVE-2021-44960 - NULL Pointer Dereference vulnerability in Svgpp 1.3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
References
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101.aa
- https://github.com/svgpp/svgpp/issues/101.aa
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html