33 matches found
Astra Linux - уязвимость в ruby-rails-html-sanitizer
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer 1.4.4 use a inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...
CVE-2026-39103
Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...
CVE-2026-39103
GPAC contains a Buffer Overflow in the SVG attribute parsing path: src/scenegraph/svg_attributes.c, svg_parse_strings(), gf_svg_parse_attribute() that can lead to denial of service. The issue is tied to commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 (and is reflected across multiple advisories)...
CVE-2026-39103
Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...
GPAC 安全漏洞
GPAC is an open-source multimedia framework developed by GPAC. There is a security vulnerability in GPAC, which stems from a buffer overflow in the gfsvgparseattribute function found in the src/scenegraph/svgattributes.c file. This vulnerability could lead to a denial-of-service attack...
CVE-2026-33311
DiceBear is an avatar library for designers and developers. Starting in version 5.0.0 and prior to versions 5.4.4, 6.1.4, 7.1.4, 8.0.3, and 9.4.1, SVG attribute values derived from user-supplied options backgroundColor, fontFamily, textColor were not XML-escaped before interpolation into SVG...
CVE-2026-27013
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export
Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...
Cross-site Scripting (XSS)
Overview org.webjars.npm:fabric is an Object model for HTML5 canvas, and SVG-to-canvas parser. Backed by jsdom and node-canvas. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the loadFromJSON function, which is used in the FabricObjectSVGExportMixin class to...
Cross-site Scripting (XSS)
Overview fabric is an Object model for HTML5 canvas, and SVG-to-canvas parser. Backed by jsdom and node-canvas. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the loadFromJSON function, which is used in the FabricObjectSVGExportMixin class to deserialize...
Fabric.js Affected by Stored XSS via SVG Export
fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When attacker-controlled JSON is loaded via loadFromJSON and later exported via...
GHSA-HFVX-25R5-QC3W Fabric.js Affected by Stored XSS via SVG Export
fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When attacker-controlled JSON is loaded via loadFromJSON and later exported via...
Cross-site Scripting (XSS)
Overview beautiful-mermaid is a Render Mermaid diagrams as beautiful SVGs or ASCII art. Ultra-fast, fully themeable, zero DOM dependencies. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the interpolation of user-controlled values from style and classDef directiv...
CVE-2025-66412 Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting XSS vulnerability has been identified in the Angular Template Compiler. It occurs because the...
Roundcube Webmail Security Vulnerability
Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A security vulnerability exists in Roundcube Webmail versions prior to 1.5.7, 1.6.x through 1.6.7, which originated from allowing cross-site scripting...
SUSE-SU-2023:3714-1 Security update for rubygem-rails-html-sanitizer
This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2022-23517: Fixed inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. bsc1206433 - CVE-2022-23518: Fixed XSS via data URIs when used in...
SUSE CVE-2022-23514
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...
DEBIAN-CVE-2022-23517
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...
CVE-2022-23517
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...
UBUNTU-CVE-2022-23517
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a...