CVE-2024-25117
Summary: CVE-2024-25117 affects php-svg-lib prior to 0.5.2. The library does not validate that font-family values are not PHAR URLs in SVG font rendering, which can lead to unsafe fontName values being passed to downstream libraries and, in PHP
CVE-2023-50251
The CVE-2023-50251 issue affects php-svg-lib (prior to v0.5.1), a PHP library for parsing/rendering SVGs. Root cause: parsing the attributes of a use tag can trigger recursive references when an id/link points to the same object, creating an infinite recursion; memory exhaustion can follow, poten...
CVE-2023-50252
The CVE-2023-50252 issue affects the PHP SVG library php-svg-lib prior to version 0.5.1. When processing a tag that references an tag, the library merges attributes from into . If the href in is not sanitized, this can lead to an unsafe file read and a PHAR deserialization vulnerability in PH...