![]() However, when used in combination with Dompdf, php-svg-lib will process SVG images referenced by an `image` element. php-svg-lib, when run in isolation, does not support SVG references for `image` elements. Depending on the system configuration and attack pattern this could exhaust the memory available to the executing process and/or to the server itself. However, prior to version 2.0.4, a recursive chained using two or more SVG documents is not correctly validated. One of the validations is that the SVG document does not reference itself. When parsing SVG images Dompdf performs an initial validation to ensure that paths within the SVG are allowed. A low-privileged attacker can point a CI/CD Component to an incorrect path and cause the server to exhaust all available memory through an infinite loop and cause Denial of Service.ĭompdf is an HTML to PDF converter for PHP. Authenticated attacker can exhaust server storage space to a point where the server can no longer serve requests.Īn issue has been discovered in GitLab CE/EE affecting all versions starting from 16.2 before 16.3.6, all versions starting from 16.4 before 16.4.2, all versions starting from 16.5 before 16.5.1. VDB-248846 is the identifier assigned to this vulnerability.Ī vulnerable API method in M-Files Server before 5.0 allows for uncontrolled resource consumption. ![]() The exploit has been disclosed to the public and may be used. ![]() The manipulation of the argument pt leads to cross site scripting. Affected by this issue is some unknown functionality of the file /main/checkout.php. A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as problematic. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |