39 matches found
Denial Of Service (DoS)
phenx/php-svg-lib is vulnerable to Denial Of Service DoS. The vulnerability is caused due to a missing validation for circular references reached while parsing the attributes passed to a use tag inside an SVG document. An attacker can craft a malicious SVG file and send multiple request to a syst...
CVE-2023-50252
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...
CVE-2023-50251
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
DEBIAN-CVE-2023-50251
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
Deserialization of untrusted data
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...
Design/Logic Flaw
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
CVE-2023-50252 php-svg-lib unsafe attributes merge when parsing `use` tag
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...
CVE-2023-50252 php-svg-lib unsafe attributes merge when parsing `use` tag
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...
CVE-2023-50251 php-svg-lib possible DoS caused by infinite recursion when parsing SVG document
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
CVE-2023-50251 php-svg-lib possible DoS caused by infinite recursion when parsing SVG document
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
CVE-2023-50251
The CVE-2023-50251 issue affects php-svg-lib (prior to v0.5.1), a PHP library for parsing/rendering SVGs. Root cause: parsing the attributes of a use tag can trigger recursive references when an id/link points to the same object, creating an infinite recursion; memory exhaustion can follow, poten...
CVE-2023-50251 php-svg-lib possible DoS caused by infinite recursion when parsing SVG document
php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when parsing the attributes passed to a use tag inside an svg document, an attacker can cause the system to go to an infinite recursion. Depending on the system configuration and attack pattern this could exhaust the...
php-svg-lib security vulnerability
php-svg-lib is an open source SVG file parsing/rendering library from dompdf. A security vulnerability exists in versions of php-svg-lib prior to 0.5.1, which stems from the fact that parsing attributes passed to the use tag within an svg document may cause the system to enter infinite recursion,...
Arbitrary Code Execution
dompdf/dompdf is vulnerable to Arbitrary Code Execution. The vulnerability exists in Cache.php due to a lack of validations for SVG files in Dompdf and php-svg-lib, allowing an attacker to parse an arbitrary URL with arbitrary protocols, which can resulting in Arbitrary Code Execution...
CVE-2023-24813
Dompdf is an HTML to PDF converter written in php. Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Dompdf parses the href attribute of image tags and respects xlink:href even if href is specified. However...
GHSA-56GJ-MVH6-RP75 URI validation failure on SVG parsing. Bypass of CVE-2023-23924
Summary Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Details Dompdf parses the href attribute of image tags with the following code: src/Image/Cache.php line 135-150 php function $parser, $name,...
URI validation failure on SVG parsing. Bypass of CVE-2023-23924
Summary Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Details Dompdf parses the href attribute of image tags with the following code: src/Image/Cache.php line 135-150 php function $parser, $name,...
CVE-2023-24813
Dompdf (PHP HTML‑to‑PDF) has two CVEs (CVE-2023-23924 and CVE-2023-24813) related to SVG parsing. The root cause is inconsistent attribute parsing between Dompdf and php-svg-lib: Dompdf considers xlink:href when present, but php-svg-lib also reads href, allowing an empty xlink:href to bypass prot...
CVE-2023-24813
Dompdf is an HTML to PDF converter written in php. Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Dompdf parses the href attribute of image tags and respects xlink:href even if href is specified. However...