CVE-2022-25759

Summary

The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload.

Affected Software

VendorProductVersion RangeStatus
n/aconvert-svg-coreunspecified < 0.6.2affected

Weaknesses

  • Remote Code Injection

ADP Enrichment

CVE Program Container

Additional References

References