Veracode Vulnerability Database: VERACODE:44651
Published: Dec 13, 2023 - 6:48 a.m.

Insecure Deserialization/Unsafe Attributes Merge

Source: sca.analysiscenter.veracode.com
Tags: phenx/php-svg-lib, vulnerability, insecure deserialization, unsafe attributes, php 8, rce, phar deserialization

CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 6.7 Medium (Confidence: High)

EPSS: 0.001 Low (Percentile: 41.2%)

phenx/php-svg-lib is vulnerable to Insecure Deserialization. The vulnerability is caused by unsafe attributes such as href, xlink:href and id being merged from the referencing tag to the referenced tag when the library handles a tag that references another tag. This can lead to an unsafe file read, which in PHP < 8 can trigger a PHAR deserialization vulnerability when the href attribute from the referencing tag has not been sanitized, leading to insecure deserialization or even RCE.
