Skip to main content

Convert Svg Core

2 CVEs product

Monthly

CVE-2022-25759 npm CRITICAL POC PATCH Act Now

The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Convert Svg Core
NVD GitHub
CVSS 3.1
9.8
EPSS
9.2%
CVE-2022-24429 npm HIGH POC PATCH This Week

The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Convert Svg Core
NVD GitHub
CVSS 3.1
7.8
EPSS
0.9%
EPSS 9% CVSS 9.8
CRITICAL POC PATCH Act Now

The package convert-svg-core before 0.6.2 are vulnerable to Remote Code Injection via sending an SVG file containing the payload. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Convert Svg Core
NVD GitHub
EPSS 1% CVSS 7.8
HIGH POC PATCH This Week

The package convert-svg-core before 0.6.3 are vulnerable to Arbitrary Code Injection when using a specially crafted SVG file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Code Injection Convert Svg Core
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy