Mit Scratch-svg-renderer — known CVE vulnerabilities
Every CVE whose affected-product data names Mit Scratch-svg-renderer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2020-7750 — CVSS 9.6 (critical): This affects the package scratch-svg-renderer before 0.2.0-prerelease.20201019174008. The loadString function does not escape SVG properly…
CVE-2020-27428 — CVSS 6.1 (medium): A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or…