What is CVE-2023-50252?

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling ` ` tag that references an ` ` tag, it merges the attributes from the ` ` tag to the ` ` tag. The problem pops up especially when the `href` attribute from the ` ` tag has not been sanitized. This can lead to an unsafe file read that can cause PHAR Deserialization vulnerability in PHP prior to version 8. Version 0.5.1 contains a patch for this issue.

How severe is CVE-2023-50252?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2023-50252?

This is classified as CWE-15, which is a common weakness in software security.

CVE-2023-50252 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling `<use>` tag that references an `<image>` tag, it merges the attributes from the `<use>` tag to the `<image>` tag. The problem pops up especially when the `href` attribute from the `<use>` tag has not been sanitized. This can lead to an unsafe file read that can cause PHAR Deserialization vulnerability in PHP prior to version 8. Version 0.5.1 contains a patch for this issue.

Related Vulnerabilities

CVE-2024-4326

CRITICAL

CVSS:9.8(Critical)

A vulnerability in parisneo/lollms-webui versions up to 9.3 allows remote attackers to execute arbitrary code. The vulnerability stems from insufficient protection of the `/apply_settings` and `/execu...

CWE-152024

CVE-2021-38453

CRITICAL

CVSS:9.1(Critical)

Some API functions allow interaction with the registry, which includes reading values as well as data modification.

CWE-152021

CVE-2024-38666

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the openvpn.cgi openvpn_client_setup() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com...

CWE-152024

CVE-2024-39280

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the nas.cgi set_smb_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command executio...

CWE-152024

CVE-2024-39602

CRITICAL

CVSS:9.1(Critical)

An external config control vulnerability exists in the nas.cgi set_nas() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. A...

CWE-152024

CVE-2024-39788

CRITICAL

CVSS:9.1(Critical)

Multiple external config control vulnerabilities exist in the nas.cgi set_ftp_cfg() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. ...

CWE-152024