Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-0650

Malicious code in bioql PyPI...

6.1CVSS6.2AI score0.007EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:11 p.m.4 views

CVE-2020-11887

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6.1CVSS6AI score0.007EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2022/01/06 7:45 p.m.4 views

@0x6368656174/wp-builder (>=1.0.8 <=1.2.1), @beezyinc/dr-svg-sprites-bz (>=0.9.33 <=1.0.4) +326 more potentially affected by CVE-2020-11887 via svg2png (>=1.0.0 <=4.1.1)

svg2png NPM version =1.0.0, =1.0.8, =0.9.33, =0.9.33, =5.2.0, =0.4.25, =0.0.23, =0.1.0, =1.0.0, =0.0.3, =0.0.1, =6.0.0-rc1, =0.5.1, =0.0.9, =0.2.2 and more Source cves: CVE-2020-11887 Source advisory: OSV:GHSA-MPP5-2X55-49XW...

6.1CVSS6.3AI score0.007EPSS
Exploits1
OSV
OSV
added 2022/01/06 7:45 p.m.10 views

GHSA-MPP5-2X55-49XW XSS in svg2png (NPM package)

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6.1CVSS5.8AI score0.007EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2022/01/06 7:45 p.m.25 views

XSS in svg2png (NPM package)

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6.1CVSS3.3AI score0.007EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2020/04/20 2:23 a.m.17 views

Cross-site Scripting (XSS)

svg2png is vulnerable to cross-site scripting XSS. The attack exists because it renders XML snippet using phantomjs directly into an image without sanitizing it, allowing an attacker to inject arbitrary script inside SVG document...

6.1CVSS4AI score0.007EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2020/04/17 9:15 p.m.12 views

CVE-2020-11887

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6.1CVSS6AI score0.007EPSS
Exploits1References1
OSV
OSV
added 2020/04/17 9:15 p.m.10 views

CVE-2020-11887

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6.1CVSS5.9AI score
Exploits0References1
Prion
Prion
added 2020/04/17 9:15 p.m.12 views

Cross site scripting

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

4.3CVSS5.9AI score0.007EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/04/17 8:8 p.m.16 views

CVE-2020-11887

svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document...

6AI score0.007EPSS
Exploits1References1
CVE
CVE
added 2020/04/17 8:8 p.m.142 views

CVE-2020-11887

svg2png 4.1.1 contains a vulnerability that allows cross-site scripting (XSS) with resultant SSRF via JavaScript inside an SVG document. The issue is documented across multiple sources (NVD, Red Hat, Veracode, OSV, GHSA, CNVD, etc.). Affected component is the SVG rendering/processing in svg2png; ...

6.1CVSS5.9AI score0.007EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder