VYPR
Unrated severityNVD Advisory· Published Jul 22, 2023· Updated Aug 2, 2024

CVE-2023-38633

CVE-2023-38633

Description

A directory traversal problem in the URL decoder of librsvg before 2.56.3 could be used by local or remote attackers to disclose files (on the local filesystem outside of the expected area), as demonstrated by href=".?../../../../../../../../../../etc/passwd" in an xi:include element.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

28

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.