Maven package
com.kitfox.svg/svg-salamander
pkg:maven/com.kitfox.svg/svg-salamander
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5617 | Hig | 7.4 | < 1.1.2 | 1.1.2 | Mar 16, 2017 | The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file. |
- affected < 1.1.2fixed 1.1.2
The SVG Salamander (aka svgSalamander) library, when used in a web application, allows remote attackers to conduct server-side request forgery (SSRF) attacks via an xlink:href attribute in an SVG file.