Segmentation Violation in Lunasvg Product by Keepinggg
CVE-2024-57721

6.5MEDIUM

Key Information:

Vendor: Keepinggg
Status: Lunasvg
Vendor: CVE Published:; 23 January 2025

What is CVE-2024-57721?

A segmentation violation has been identified in the Lunasvg product version 3.0.0, specifically within the component plutovg_path_add_path. This issue can lead to unexpected behavior or malfunction during the execution, potentially impacting the stability of applications that rely on the Lunasvg library. Developers are advised to review and assess their implementations to mitigate this vulnerability.

References

https://github.com/keepinggg/poc/blob/main/poc_of_lunasvg...

https://github.com/sammycage/lunasvg/issues/209

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 23, 2025