In SVGPP SVG++ library 1.3.0, the XMLDocument::getRoot function in the renderDocument function handled the XMLDocument object improperly, returning a null pointer in advance at the second if, resulting in a null pointer reference behind the renderDocument function.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Svgpp | Svgpp | 1.3.0 (including) | 1.3.0 (including) |
| Svgpp | Ubuntu | bionic | * |
| Svgpp | Ubuntu | esm-apps/bionic | * |
| Svgpp | Ubuntu | esm-apps/focal | * |
| Svgpp | Ubuntu | esm-apps/jammy | * |
| Svgpp | Ubuntu | focal | * |
| Svgpp | Ubuntu | impish | * |
| Svgpp | Ubuntu | jammy | * |
| Svgpp | Ubuntu | kinetic | * |
| Svgpp | Ubuntu | trusty | * |
| Svgpp | Ubuntu | upstream | * |
| Svgpp | Ubuntu | xenial | * |
Potential Mitigations
References
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101.aa
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html
- https://github.com/svgpp/svgpp/issues/101
- https://github.com/svgpp/svgpp/issues/101.aa
- https://lists.debian.org/debian-lts-announce/2023/04/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/10/msg00016.html