| Max CVSS | 7.1 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-7961 | 6.8 |
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an "outside the range of representable values of type long" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash)
|
05-08-2024 - 17:15 | 19-04-2017 - 15:59 | |
| CVE-2017-8834 | 4.3 |
The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (memory allocation error) via a crafted CSS file.
|
19-08-2020 - 19:17 | 12-06-2017 - 06:29 | |
| CVE-2017-8871 | 7.1 |
The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted CSS file.
|
19-08-2020 - 19:12 | 12-06-2017 - 06:29 | |
| CVE-2017-7960 | 4.3 |
The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted CSS file.
|
03-10-2019 - 00:03 | 19-04-2017 - 15:59 |