Lucene search

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

🗓️ 31 Jan 2023 23:30:54Reported by GitHub_MType

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 19
GithubExploit	Exploit for Incorrect Authorization in Dompdf Project Dompdf	8 Mar 202301:16	–	githubexploit
GithubExploit	Exploit for Incorrect Authorization in Dompdf Project Dompdf	1 Feb 202318:21	–	githubexploit
OSV	Dompdf vulnerable to URI validation failure on SVG parsing	1 Feb 202301:37	–	osv
OSV	CVE-2023-23924	1 Feb 202300:15	–	osv
OSV	URI validation failure on SVG parsing. Bypass of CVE-2023-23924	7 Feb 202318:16	–	osv
CVE	CVE-2023-23924	1 Feb 202300:15	–	cve
CVE	CVE-2023-24813	7 Feb 202319:15	–	cve
Vulnrichment	CVE-2023-23924 URI validation failure on SVG parsing in Dompdf	31 Jan 202323:54	–	vulnrichment
Vulnrichment	CVE-2023-24813 URI validation failure on SVG parsing. Bypass of CVE-2023-23924	7 Feb 202318:05	–	vulnrichment
NVD	CVE-2023-23924	1 Feb 202300:15	–	nvd

[
  {
    "vendor": "dompdf",
    "product": "dompdf",
    "versions": [
      {
        "version": "< 2.0.2",
        "status": "affected"
      }
    ]
  }
]

Source	Link
github	www.github.com/dompdf/dompdf/releases/tag/v2.0.2
github	www.github.com/dompdf/dompdf/commit/7558f07f693b2ac3266089f21051e6b78c6a0c85
github	www.github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Jan 2023 23:54Current

9.7High risk

Vulners AI Score9.7

CVSS310

EPSS0.54785

CWE-551