Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
convert-svg project convert-svg vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-24278
The package convert-svg-core prior to 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.
Convert-svg Project Convert-svg
7.8
CVSSv3
CVE-2022-24429
The package convert-svg-core prior to 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. An attacker can read arbitrary files from the file system and then show the file content as a converted PNG file.
Convert-svg-core Project Convert-svg-core
7.5
CVSSv3
CVE-2021-23631
This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a conv...
Convert-svg-core Project Convert-svg-core
9.8
CVSSv3
CVE-2022-25759
The package convert-svg-core prior to 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.
Convert-svg-core Project Convert-svg-core
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started