📦 Convert Svg Core

CVE-2022-25759 is a critical remote code injection vulnerability in convert-svg-core package versions before 0.6.2. Attackers can execute arbitrary code on affected systems by uploading malicious SVG ...

CVE-2022-24429 is an arbitrary code injection vulnerability in convert-svg-core that allows attackers to read arbitrary files from the file system when processing specially crafted SVG files. The vuln...

This vulnerability in convert-svg-core, convert-svg-to-png, and convert-svg-to-jpeg packages allows attackers to read arbitrary files from the server's file system by uploading specially crafted SVG f...