EPSS
Percentile
56.1%
convert-svg-core is vulnerable to directory traversal. The vulnerability exists in Converter.js because the SVG tags are not properly sanitized which allows an attacker to access file directories via a specially crafted SVG file.
Converter.js
github.com/advisories/GHSA-5f47-rcg5-9m24
github.com/neocotic/convert-svg/commit/2bbc498c5029238637206661dbac9e44d37d17c5
github.com/neocotic/convert-svg/issues/86
github.com/neocotic/convert-svg/pull/87