Vulnerabilities > CVE-2021-44960 - NULL Pointer Dereference vulnerability in Svgpp 1.3.0

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
svgpp
CWE-476

Summary

In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.

Vulnerable Configurations

Part Description Count
Application
Svgpp
1

Common Weakness Enumeration (CWE)