Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-6hvg-62q8-95v7: svg_optimizer rubygem external XML entity (XXE) vulnerability

An issue in Fnando svg_optimizer v.0.2.6 allows a remote attacker to escalate privileges when optimizing untrusted SVG content.

ghsa
#vulnerability#git#ruby

svg_optimizer rubygem external XML entity (XXE) vulnerability

Moderate severity GitHub Reviewed Published Oct 20, 2023 to the GitHub Advisory Database • Updated Oct 20, 2023

ghsa: Latest News

GHSA-hxf5-99xg-86hw: cap-std doesn't fully sandbox all the Windows device filenames