SVGO: DoS through entity expansion in DOCTYPE (Billion Laughs)
Description
SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansion or recursion. This can result in a small XML file (811 bytes) stalling the application and even crashing the Node.js process with JavaScript heap out of memory. This issue has been patched in versions 2.8.1, 3.3.3, and 4.0.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SVGO versions before 2.8.1, 3.3.3, and 4.0.1 are vulnerable to denial of service via XML entity expansion (Billion Laughs attack).
Vulnerability
SVGO, a Node.js library for optimizing SVG files, accepts XML with custom entities without adequate guards against expansion or recursion. This allows a small SVG (as small as 811 bytes) to cause exponential entity expansion, leading to high memory consumption and process stall or crash. The issue affects versions from 2.1.0 up to (but not including) 2.8.1, from 3.0.0 up to (but not including) 3.3.3, and versions before 4.0.1 [1][2].
Exploitation
An attacker can craft an SVG file containing nested entity definitions in the DOCTYPE, similar to the classic Billion Laughs attack. When SVGO attempts to parse such an SVG via its optimization pipeline, the entities expand recursively, consuming all available memory. The attack requires no authentication and can be delivered through any vector that causes SVGO to process the malicious SVG (e.g., user uploads, network input) [2].
Impact
Successful exploitation results in a denial of service: the SVGO process hangs or crashes with a JavaScript heap out-of-memory error. This can disrupt server-side applications that rely on SVGO for processing user-supplied SVGs. Local usage on trusted SVGs is unlikely to be affected [2].
Mitigation
Patches are available in SVGO versions 2.8.1, 3.3.3, and 4.0.1. Users are strongly advised to upgrade immediately. For those unable to upgrade, input validation to reject SVGs containing DOCTYPE entity declarations may serve as a temporary workaround [1][2].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| svgo (npm) | >= 2.1.0, < 2.8.1 | 2.8.1 |
| svgo (npm) | >= 3.0.0, < 3.3.3 | 3.3.3 |
| svgo (npm) | >= 4.0.0, < 4.0.1 | 4.0.1 |
Affected products
- svg/svgo v5, range: >= 2.1.0, < 2.8.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-xpqw-6gx7-v673 (ghsa, ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2026-29074 (ghsa, ADVISORY)
- github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673 (ghsa, x_refsource_CONFIRM, WEB)
News mentions
No linked articles in our index yet.