5 matches found
AngularJS improperly sanitizes SVG elements
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/ContentSpoofing and also negatively affect...
DEBIAN-CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
CVE-2024-56519
TCPDF vulnerability CVE-2024-56519: setSVGStyles does not sanitize the SVG font-family attribute, enabling potential impact per CVSS 3.1/7.5 (HIGH) with network attack vector and no user interaction. Affected library: TCPDF prior to 6.8.0. Mitigation: upgrade to 6.8.0 or later when available. Deb...
SUSE-SU-2022:4075-1 Security update for rubygem-loofah
This update for rubygem-loofah fixes the following issues: - CVE-2019-15587: Fixed issue in sanitization of crafted SVG elements bsc1154751...