Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.11 views

CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

9.8CVSS6.6AI score0.23903EPSS
Exploits1References1
Debian
Debian
added 2024/03/20 7:11 p.m.66 views

[SECURITY] [DSA 5642-1] php-dompdf-svg-lib security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5642-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2024 https://www.debian.org/security/faq -...

9.8CVSS7.5AI score0.23903EPSS
Exploits2
OSV
OSV
added 2023/12/12 9:15 p.m.3 views

DEBIAN-CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

9.8CVSS8.3AI score0.23903EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2023/12/12 9:15 p.m.8 views

CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

9.8CVSS7.1AI score0.23903EPSS
Exploits1References3
CVE
CVE
added 2023/12/12 8:39 p.m.51 views

CVE-2023-50252

The CVE-2023-50252 issue affects the PHP SVG library php-svg-lib prior to version 0.5.1. When processing a tag that references an tag, the library merges attributes from into . If the href in is not sanitized, this can lead to an unsafe file read and a PHAR deserialization vulnerability in PH...

9.8CVSS9AI score0.23903EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/12/12 8:39 p.m.22 views

CVE-2023-50252 php-svg-lib unsafe attributes merge when parsing `use` tag

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

8.3CVSS9.6AI score0.23903EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/12/12 8:39 p.m.16 views

CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

9.8CVSS9.4AI score0.23903EPSS
Exploits1
Rows per page
Query Builder