6 matches found
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
feling87-nodejs-libs (>=0.0.1 <=0.0.3) potentially affected by CVE-2022-24718 via @finastra/ssr-pages (=0.1.3)
@finastra/ssr-pages NPM version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on @finastra/ssr-pages and may be impacted: - feling87-nodejs-libs =0.0.1, =0.0.3 Source cves: CVE-2022-24718 Source advisory: OSV:GHSA-W6CX-QG2Q-RVQ8...
CVE-2022-24718
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718
CVE-2022-24718 affects the ssr-pages HTML page builder. A path traversal vulnerability exists when untrusted input is provided to the svg property as an argument to build(MessagePageOptions). The issue is present in versions prior to 0.1.4. A patch is available in version 0.1.4 (upgrade to 0.1.4 ...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...
CVE-2022-24718 Path Traversal in ssr-pages
ssr-pages is an HTML page builder for the purpose of server-side rendering SSR. In versions prior to 0.1.4, a path traversal issue can occur when providing untrusted input to the svg property as an argument to the buildMessagePageOptions function. While there is no known workaround at this time,...