convert-svg-core, convert-svg-to-png and convert-svg-to-jpeg are vulnerable to directory traversal. The vulnerability exists because of the code of the component SVG File Handler which allows an attacker to read arbitrary files from the file system and then show the file content using a specially crafted SVG file.