Security Advisory

CVE-2022-24278

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-10 20:05:32
Last updated 2024-09-16 19:46:21
Assigner snyk
State PUBLISHED

Description

The package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.