### [CVE-2018-18064](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18064)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).

### POC

#### Reference
- https://gitlab.freedesktop.org/cairo/cairo/issues/341
- https://gitlab.freedesktop.org/cairo/cairo/issues/341

#### Github
- https://github.com/adegoodyer/kubernetes-admin-toolkit