dompdf/dompdf Security Advisories for v0.6.1 (9)
- [MEDIUM] Denial of service caused by infinite recursion when parsing SVG images
  PKSA-7ztm-rpt3-qqzk CVE-2023-50262 GHSA-3qx2-6f78-w2j2
  Affected version: <2.0.4
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [CRITICAL] Dompdf vulnerable to URI validation failure on SVG parsing
  PKSA-4jrs-y99s-q8j6 CVE-2023-23924 GHSA-3cw5-7cxw-v5qg
  Affected version: <2.0.2
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [HIGH] Remote file inclusion
  PKSA-hbk6-2vfz-8f8n CVE-2022-41343 GHSA-6x28-7h8c-chx4
  Affected version: <2.0.1
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [MEDIUM] Dompdf before v2.0.0 vulnerable to chroot check bypass
  PKSA-kj9c-tr41-t8mj CVE-2022-2400 GHSA-5qj8-6xxj-hp9h
  Affected version: <2.0.0
  Reported by: GitHub
- [MEDIUM] Server-Side Request Forgery in dompdf/dompdf
  PKSA-872h-8556-2chm CVE-2022-0085 GHSA-pf6p-25r2-fx45
  Affected version: <2.0.0
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [CRITICAL] Remote code injection via remote fonts
  PKSA-99tj-gg5v-4g74 CVE-2022-28368 GHSA-x752-qjv4-c4hc
  Affected version: <1.2.1
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [MEDIUM] Information Disclosure
  PKSA-jkcx-z3k3-bbrv CVE-2014-5011 GHSA-jwf8-mjj8-r8hq
  Affected version: >=0.6,<0.6.2
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [MEDIUM] Denial Of Service Vector
  PKSA-5s2b-r7bs-gpkz CVE-2014-5012 GHSA-q83c-64c9-c42m
  Affected version: >=0.6,<0.6.2
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [HIGH] Remote Code Execution (complement of CVE-2014-2383)
  PKSA-cy5h-xj19-9vd7 CVE-2014-5013 GHSA-jjwj-w3gc-gcw4
  Affected version: >=0.6,<0.6.2
  Reported by: FriendsOfPHP/security-advisories, GitHub