Security Advisory

CVE-2026-31899

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-13 19:38:43

Last updated 2026-03-16 13:39:14

Assigner GitHub_M

State PUBLISHED

Description

CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to Kozea/CairoSVG has exponential denial of service via recursive <use> element amplification in cairosvg/defs.py. This causes CPU exhaustion from a small input.

← Browse all CVEs View on cve.org ↗