dompdf/dompdf Security Advisories for v1.1.1 (6)
-
[MEDIUM] Denial of service caused by infinite recursion when parsing SVG images
PKSA-7ztm-rpt3-qqzk CVE-2023-50262 GHSA-3qx2-6f78-w2j2
Affected version: <2.0.4
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[CRITICAL] Dompdf vulnerable to URI validation failure on SVG parsing
PKSA-4jrs-y99s-q8j6 CVE-2023-23924 GHSA-3cw5-7cxw-v5qg
Affected version: <2.0.2
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[HIGH] Remote file inclusion
PKSA-hbk6-2vfz-8f8n CVE-2022-41343 GHSA-6x28-7h8c-chx4
Affected version: <2.0.1
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[MEDIUM] Dompdf before v2.0.0 vulnerable to chroot check bypass
PKSA-kj9c-tr41-t8mj CVE-2022-2400 GHSA-5qj8-6xxj-hp9h
Affected version: <2.0.0
Reported by:
GitHub -
[MEDIUM] Server-Side Request Forgery in dompdf/dompdf
PKSA-872h-8556-2chm CVE-2022-0085 GHSA-pf6p-25r2-fx45
Affected version: <2.0.0
Reported by:
FriendsOfPHP/security-advisories, GitHub -
[CRITICAL] Remote code injection via remote fonts
PKSA-99tj-gg5v-4g74 CVE-2022-28368 GHSA-x752-qjv4-c4hc
Affected version: <1.2.1
Reported by:
FriendsOfPHP/security-advisories, GitHub