Количество 2
Количество 2
CVE-2021-23631
This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file.
GHSA-jv7g-9g6q-cxvw
Path Traversal in convert-svg packages
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23631 This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file. | CVSS3: 7.5 | 0% Низкий | около 4 лет назад |
| GHSA-jv7g-9g6q-cxvw Path Traversal in convert-svg packages | CVSS3: 7.5 | 0% Низкий | около 4 лет назад |
Уязвимостей на страницу