Skip navigation

Skip to main content

Home
Your apps
Your integrations

Engineering Blog

Overview Subscribe

Discover more

UI/UX Backend Machine Learning Infrastructure Security Engineering Practices Data Platform

About Canva⁠(opens in a new tab or window)

Category

SVG

When URL parsers disagree (CVE-2023-38633)

Discovery and walkthrough of CVE-2023-38633 in librsvg, when two URL parser implementations (Rust and Glib) disagree on file scheme parsing leading to path traversal.

Zac SimsSep 5, 2023

© 2025 All Rights Reserved. Canva®

Privacy policyTerms