| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
| CVE-2023-50262 | 13 Dec 202314:08 | – | circl | |
| Dompdf Security Vulnerabilities | 13 Dec 202300:00 | – | cnnvd | |
| CVE-2023-50262 | 13 Dec 202320:52 | – | cve | |
| CVE-2023-50262 Dompdf possible DoS caused by infinite recursion when parsing SVG images | 13 Dec 202320:52 | – | cvelist | |
| CVE-2023-50262 | 13 Dec 202320:52 | – | debiancve | |
| EUVD-2023-3086 | 3 Oct 202520:07 | – | euvd | |
| Denial of service caused by infinite recursion when parsing SVG images | 12 Dec 202309:17 | – | friendsofphp | |
| Denial of service caused by infinite recursion when parsing SVG images | 13 Dec 202323:09 | – | github | |
| CVE-2023-50262 | 13 Dec 202321:15 | – | nvd | |
| CVE-2023-50262 Dompdf possible DoS caused by infinite recursion when parsing SVG images | 13 Dec 202320:52 | – | osv |
| Source | Link |
|---|---|
| security-tracker | www.security-tracker.debian.org/tracker/CVE-2023-50262 |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(226892);
script_version("1.4");
script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/02");
script_cve_id("CVE-2023-50262");
script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2023-50262");
script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.
- Dompdf is an HTML to PDF converter for PHP. When parsing SVG images Dompdf performs an initial validation
to ensure that paths within the SVG are allowed. One of the validations is that the SVG document does not
reference itself. However, prior to version 2.0.4, a recursive chained using two or more SVG documents is
not correctly validated. Depending on the system configuration and attack pattern this could exhaust the
memory available to the executing process and/or to the server itself. php-svg-lib, when run in isolation,
does not support SVG references for `image` elements. However, when used in combination with Dompdf, php-
svg-lib will process SVG images referenced by an `image` element. Dompdf currently includes validation to
prevent self-referential `image` references, but a chained reference is not checked. A malicious actor may
thus trigger infinite recursion by chaining references between two or more SVG images. When Dompdf parses
a malicious payload, it will crash due after exceeding the allowed execution time or memory usage. An
attacker sending multiple request to a system can potentially cause resource exhaustion to the point that
the system is unable to handle incoming request. Version 2.0.4 contains a fix for this issue.
(CVE-2023-50262)
Note that Nessus relies on the presence of the package as reported by the vendor.");
script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2023-50262");
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:U/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:U/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-50262");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vendor_unpatched", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2023/12/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:12.0");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:php-dompdf");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Misc.");
script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
script_require_ports("Host/OS/Debian Linux-12");
exit(0);
}
if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);
include('linux_unpatched.inc');
var distro_constraints_array = {
"Debian Linux-12": {
"package_manager": "dpkg-l",
"constraints": [
{
"release": "12",
"pkgs": [
{"reference": "php-dompdf"}
]
}
]
}
};
var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);
if (!empty_or_null(report))
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : report
);
exit(0);
}
else
{
audit(AUDIT_HOST_NOT, 'affected');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation