CVE Vulnerabilities for Inkscape
| CVE | Published | Severity | Details | Exploitability | Impact | Vector |
|---|---|---|---|---|---|---|
| CVE‑2021‑42704 | 2022‑05‑18 17:15:08 | HIGH (8) | Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. | 2 | 6 | LOCAL |
| CVE‑2021‑42702 | 2022‑05‑18 17:15:08 | LOW (3) | Inkscape version 0.91 can access an uninitialized pointer, which may allow an attacker to have access to unauthorized information. | 2 | 1 | LOCAL |
| CVE‑2021‑42700 | 2022‑05‑18 17:15:08 | LOW (3) | Inkscape 0.91 is vulnerable to an out-of-bounds read, which may allow an attacker to have access to unauthorized information. | 2 | 1 | LOCAL |
| CVE‑2012‑6076 | 2013‑03‑12 22:55:01 | MEDIUM (4) | Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts. | 0 | 0 | LOCAL |
| CVE‑2012‑5656 | 2013‑01‑18 11:48:40 | MEDIUM (6) | The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. | 2 | 4 | LOCAL |
View OS-specific patching for:
Windows Mac Linux
Logos, products, trade names, and company names are all the property of their respective trademark holders.
The above listing includes products that Lavawall® monitors through public information and/or proprietary statistical analysis.
Although we do have a partner relationship with some of the listed products and companies, they do not necessarily endorse Lavawall® or have integrations with our systems.