Convert-Svg-Core Project: >> Convert-Svg-Core >> 0.6.3 Security Vulnerabilities
This affects all versions of package convert-svg-core; all versions of package convert-svg-to-png; all versions of package convert-svg-to-jpeg. Using a specially crafted SVG file, an attacker could read arbitrary files from the file system and then show the file content as a converted PNG file.
CVSS Score
7.5
EPSS Score
0.004
Published
2022-01-21