Bug #100234: Incorporate tests of enshrined/svg-sanitize:v0.16.0 - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #100234

closed

Incorporate tests of enshrined/svg-sanitize:v0.16.0

Added by Oliver Hader over 1 year ago. Updated over 1 year ago.

Status:

Rejected

Priority:

Should have

Assignee:

Oliver Hader

Category:

Security

Target version:

Start date:

2023-03-21

Due date:

% Done:

Estimated time:

TYPO3 Version:

PHP Version:

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

It looks like the security release enshrined/svg-sanitize:v0.16.0 did not fix a real vulnerability and was a false-positive:

https://github.com/darylldoyle/svg-sanitizer/security/advisories/GHSA-xrqq-wqh4-5hg2
https://nvd.nist.gov/vuln/detail/CVE-2023-28426
https://github.com/darylldoyle/svg-sanitizer/commit/cce18bc237c05c6e093e9672db7926788da9b322

Passing the two new added test files with the previous version v0.15.4 of that package did not reveal any valid attack vector - all entities are correctly encoded and would not have lead to an exploit in a browser context. This change in the TYPO3 context aims to demonstrate that there is no vulnerability.

https://github.com/darylldoyle/svg-sanitizer/blob/cce18bc237c05c6e093e9672db7926788da9b322/tests/data/cdataTwoTest.svg?short_path=025a153
https://github.com/darylldoyle/svg-sanitizer/blob/cce18bc237c05c6e093e9672db7926788da9b322/tests/data/formDataTest.svg?short_path=b4118f0

Related issues 2 (0 open — 2 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #100234

Incorporate tests of enshrined/svg-sanitize:v0.16.0

Updated by Oliver Hader over 1 year ago

Updated by Gerrit Code Review over 1 year ago

Updated by Gerrit Code Review over 1 year ago

Updated by Oliver Hader over 1 year ago

Updated by Lars Tode 7 months ago