dompdf project
OSS Librariesoss-project
Top products
Latest CVEs
The 7 most recently published vulnerabilities affecting dompdf project.
- CVE-2021-3902Improper Restriction of XML External Entity Reference in dompdf/dompdf9.8
- CVE-2021-3838PHAR Deserialization in dompdf/dompdf9.8
- CVE-2023-50262Dompdf possible DoS caused by infinite recursion when parsing SVG images5.3
- CVE-2022-41343registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.7.5
- CVE-2022-2400External Control of File Name or Path in dompdf/dompdf5.3
- CVE-2022-0085Server-Side Request Forgery (SSRF) in dompdf/dompdf5.3
- CVE-2022-28368Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file).9.8