CVE-2023-38633 in librsvginformação

Sumário

de MITRE • 22/07/2023

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservar

21/07/2023

Divulgação

22/07/2023

Moderação

aceite

Entrada

VDB-235203

CPE

pronto

EPSS

0.02132

KEV

não

Atividades

muito baixo

Fontes

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!