VYPR

Maven package

com.kitfox.svg/svg-salamander

pkg:maven/com.kitfox.svg/svg-salamander

Vulnerabilities (1)

  • CVE-2017-5617HigMar 16, 2017
    affected < 1.1.2fixed 1.1.2

    The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file.