Description
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution
Remediation
References
https://github.com/BigBadaboom/androidsvg/issues/122
Related Vulnerabilities
CVE-2023-2479 Vulnerability in npm package appium-desktop
CVE-2014-6071 Vulnerability in npm package jquery
CVE-2020-28487 Vulnerability in maven package org.webjars.npm:vis-timeline
CVE-2019-1003097 Vulnerability in maven package com.ds.tools.hudson:crowd
CVE-2020-7744 Vulnerability in maven package com.mintegral.msdk:alphab