Dompdf, an HTML to PDF converter, allows arbitrary URL calls with arbitrary protocols via an SVG file because of an attribute parsing difference between Dompdf and php-svg-lib, leading to remote code execution. Upgrade to v2.0.3 to fix CVE-2023-24813.
Title | Published | Views | Family |
---|---|---|---|
CVE-2023-24813 URI validation failure on SVG parsing. Bypass of CVE-2023-23924 | 7 Feb 2023 18:05 | – | cvelist |
CVE-2023-23924 URI validation failure on SVG parsing in Dompdf | 31 Jan 2023 23:54 | – | cvelist |
CVE-2023-24813 URI validation failure on SVG parsing. Bypass of CVE-2023-23924 | 7 Feb 2023 18:05 | – | vulnrichment |
CVE-2023-23924 URI validation failure on SVG parsing in Dompdf | 31 Jan 2023 23:54 | – | vulnrichment |
URI validation failure on SVG parsing. Bypass of CVE-2023-23924 | 7 Feb 2023 18:16 | – | osv |
CVE-2023-24813 | 7 Feb 2023 19:15 | – | osv |
CVE-2023-23924 | 1 Feb 2023 00:15 | – | osv |
Dompdf vulnerable to URI validation failure on SVG parsing | 1 Feb 2023 01:37 | – | osv |
K000132775 : DOMPDF vulnerabilities CVE-2023-23924 and CVE-2023-24813 | 27 Feb 2023 00:00 | – | f5 |
URI validation failure on SVG parsing. Bypass of CVE-2023-23924 | 7 Feb 2023 18:16 | – | github |
[
  {
    "vendor": "dompdf",
    "product": "dompdf",
    "versions": [
      {
        "version": "= 2.0.2",
        "status": "affected"
      }
    ]
  }
]