Launchpad.net

CVE 2016-4348

The _rsvg_css_normalize_font_size function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via circular definitions in an SVG document.

See the CVE page on Mitre.org for more details.