Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
445
VMScore

CVE-2021-23631

Published: 21/01/2022 Updated: 27/01/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Convert-svg-core

Vulnerability Summary

This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

convert-svg-core project convert-svg-core

References

CWE-22https://snyk.io/vuln/SNYK-JS-CONVERTSVGCORE-1582785https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOPNG-2348244https://gist.github.com/legndery/a248350bb25b8502a03c2f407cedeb14https://snyk.io/vuln/SNYK-JS-CONVERTSVGTOJPEG-2348245https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook