dompdf/dompdf Security Advisories for v0.8.4 (8)
- [CRITICAL] Deserialization of Untrusted Data in dompdf/dompdf
  PKSA-5vz3-q51h-7mg4 CVE-2021-3838 GHSA-577p-7j7h-2jgf
  Affected version: <2.0.0
  Reported by: GitHub
- [CRITICAL] Improper Restriction of XML External Entity Reference in dompdf/dompdf
  PKSA-qstp-ffwg-8hp6 CVE-2021-3902 GHSA-3vjh-xrhf-v9xh
  Affected version: <2.0.0
  Reported by: GitHub
- [MEDIUM] Denial of service caused by infinite recursion when parsing SVG images
  PKSA-7ztm-rpt3-qqzk CVE-2023-50262 GHSA-3qx2-6f78-w2j2
  Affected version: <2.0.4
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [CRITICAL] Dompdf vulnerable to URI validation failure on SVG parsing
  PKSA-4jrs-y99s-q8j6 CVE-2023-23924 GHSA-3cw5-7cxw-v5qg
  Affected version: <2.0.2
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [HIGH] Remote file inclusion
  PKSA-hbk6-2vfz-8f8n CVE-2022-41343 GHSA-6x28-7h8c-chx4
  Affected version: <2.0.1
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [MEDIUM] Dompdf before v2.0.0 vulnerable to chroot check bypass
  PKSA-kj9c-tr41-t8mj CVE-2022-2400 GHSA-5qj8-6xxj-hp9h
  Affected version: <2.0.0
  Reported by: GitHub
- [MEDIUM] Server-Side Request Forgery in dompdf/dompdf
  PKSA-872h-8556-2chm CVE-2022-0085 GHSA-pf6p-25r2-fx45
  Affected version: <2.0.0
  Reported by: FriendsOfPHP/security-advisories, GitHub
- [CRITICAL] Remote code injection via remote fonts
  PKSA-99tj-gg5v-4g74 CVE-2022-28368 GHSA-x752-qjv4-c4hc
  Affected version: <1.2.1
  Reported by: FriendsOfPHP/security-advisories, GitHub