Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

svg-sanitizer

Source -

CNANVD

CNA CVEs -

2

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

3
Related CVEsRelated VendorsRelated AssignersReports
4Vulnerabilities found
CVE-2025-55166
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 18.84%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 16:25
Updated-13 Aug, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
svg-sanitizer By-Passing Attribute Sanitization

savg-sanitizer is a PHP SVG/XML sanitizer. Prior to version 0.22.0, the sanitization logic in the cleanXlinkHrefs method only searches for lower-case attribute name, which allows to by-pass the isHrefSafeValue check. As a result this allows cross-site scripting or linking to external domains. This issue has been patched in version 0.22.0.

Action-Not Available
Vendor-darylldoyle
Product-svg-sanitizer
CWE ID-CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-23638
Assigner-GitHub, Inc.
ShareView Details
Assigner-GitHub, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.10% / 27.90%
||
7 Day CHG~0.00%
Published-14 Feb, 2022 | 21:10
Updated-23 Apr, 2025 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cross-site Scripting in svg-sanitizer

svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scripting vulnerability impacts all users of the `svg-sanitizer` library prior to version 0.15.0. This issue is fixed in version 0.15.0. There is currently no workaround available.

Action-Not Available
Vendor-svg-sanitizer_projectdarylldoyle
Product-svg-sanitizersvg-sanitizer
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-10772
Assigner-Snyk
ShareView Details
Assigner-Snyk
CVSS Score-6.1||MEDIUM
EPSS-0.16% / 37.35%
||
7 Day CHG~0.00%
Published-11 Dec, 2019 | 15:23
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It is possible to bypass enshrined/svg-sanitize before 0.13.1 using the "xlink:href" attribute due to mishandling of the xlink namespace by the sanitizer.

Action-Not Available
Vendor-svg-sanitizer_projectn/a
Product-svg-sanitizerenshrined/svg-sanitize
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2019-18857
Assigner-MITRE Corporation
ShareView Details
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.34% / 56.28%
||
7 Day CHG~0.00%
Published-11 Nov, 2019 | 14:34
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

darylldoyle svg-sanitizer before 0.12.0 mishandles script and data values in attributes, as demonstrated by unexpected whitespace such as in the javascript	:alert substring.

Action-Not Available
Vendor-svg-sanitizer_projectn/a
Product-svg-sanitizern/a
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')