Fixes CVE-2025-55166

[joelpittet]

Description

❯ composer audit
Found 1 security vulnerability advisory affecting 1 package:
+-------------------+----------------------------------------------------------------------------------+
| Package           | enshrined/svg-sanitize                                                           |
| Severity          | medium                                                                           |
| CVE               | CVE-2025-55166                                                                   |
| Title             | svg-sanitizer Bypasses Attribute Sanitization                                    |
| URL               | https://github.com/advisories/GHSA-22wq-q86m-83fh                                |
| Affected versions | <0.22.0                                                                          |
| Reported at       | 2025-08-12T20:20:58+00:00                                                        |
+-------------------+----------------------------------------------------------------------------------+

Type of change

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

composer audit

Test Configuration:

• PHP version: 8.3
• MySQL version: 8.0
• Webserver version: N/A
• OS version: macOS

Checklist:

• I have read the Contributing documentation available here: https://snipe-it.readme.io/docs/contributing-overview
• I have formatted this PR according to the project guidelines: https://snipe-it.readme.io/docs/contributing-overview#pull-request-guidelines
• My code follows the style guidelines of this project
• I have performed a self-review of my own code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes

[snipe]

Thank you (from Germany)!