Vulnerabilities (CVE)

Filtered by vendor Convert-svg Project Subscribe
Filtered by product Convert-svg
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-24278 1 Convert-svg Project 1 Convert-svg 2024-02-28 7.5 HIGH 9.8 CRITICAL
The package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.