enshrined/svg-sanitize Security Advisories for 0.11.0 (3)
-
[MEDIUM] A cross-site scripting vulnerability
PKSA-wsdr-wpj7-1wz2 CVE-2022-23638 GHSA-fqx8-v33p-4qcc
Affected version: <0.15.0
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[MEDIUM] Sanitizer bypass in svg-sanitizer
PKSA-6k9z-6kz2-wy1k CVE-2019-10772 GHSA-8rc5-hx3v-2jg7
Affected version: <0.13.1
Reported by:
GitHub -
[HIGH] XSS in enshrined/svg-sanitize due to mishandled script and data values in attributes
PKSA-kv5d-dmjs-n5mp CVE-2019-18857 GHSA-gf8j-v8x5-h9qp
Affected version: <0.12.0
Reported by:
GitHub