VYPR
High severityNVD Advisory· Published Mar 10, 2025· Updated Mar 12, 2025

CVE-2025-25977

CVE-2025-25977

Description

An issue in canvg v.4.0.2 allows an attacker to execute arbitrary code via the Constructor of the class StyleElement.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
canvgnpm
>= 4.0.0, < 4.0.34.0.3
canvgnpm
< 3.0.113.0.11

Affected products

49

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.