Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Convert-svg-core Project Subscribe
Filtered by product Convert-svg-core
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-25759 1 Convert-svg-core Project 1 Convert-svg-core 2024-11-21 N/A 9.9 CRITICAL
The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.
CVE-2022-24429 1 Convert-svg-core Project 1 Convert-svg-core 2024-11-21 6.8 MEDIUM 7.5 HIGH
The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file.
CVE-2021-23631 1 Convert-svg-core Project 1 Convert-svg-core 2024-11-21 5.0 MEDIUM 7.5 HIGH
This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024