CVE-2022-24278

Summary

The package convert-svg-core before 0.6.4 are vulnerable to Directory Traversal due to improper sanitization of SVG tags. Exploiting this vulnerability is possible by using a specially crafted SVG file.

Affected Software

VendorProductVersion RangeStatus
n/aconvert-svg-coreunspecified < 0.6.4affected

Weaknesses

  • Directory Traversal

ADP Enrichment

CVE Program Container

Additional References

References