GHSA-6hvg-62q8-95v7

Source

https://github.com/advisories/GHSA-6hvg-62q8-95v7

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-6hvg-62q8-95v7/GHSA-6hvg-62q8-95v7.json

Aliases

• CVE-2023-46035

Published

2023-10-20T13:23:32Z

Modified

2023-11-08T04:13:40.269769Z

Details

An issue in Fnando svg_optimizer v.0.2.6 allows a remote attacker to escalate privileges when optimizing untrusted SVG content.

References

• https://github.com/fnando/svg_optimizer/pull/17
• https://github.com/fnando/svg_optimizer/commit/8244ff25b51a16892496e9d9f7191dba393f7af0
• https://github.com/fnando/svg_optimizer/commit/b1b5013db297494daba5676b9fa4423ffc5e96fa
• https://github.com/fnando/svg_optimizer
• https://github.com/rubysec/ruby-advisory-db/blob/master/gems/svg_optimizer/CVE-2023-46035.yml