
323 matches found

Cvelist
added 2023/01/31 11:54 p.m. · 60 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9.7 · EPSS 0.03572
Exploits 2 · References 3
CVE
added 2023/01/31 11:54 p.m. · 99 views

CVE-2023-23924

Dompdf 2.0.1 is vulnerable to URI validation bypass during SVG parsing. If an attacker provides an SVG containing a tag with uppercase letters, the parser may bypass protection and allow arbitrary URL calls via the phar wrapper. In PHP

CVSS 10 · AI score 9.4 · EPSS 0.03572
Exploits 2 · References 3 · Affected Software 1
OSV
added 2023/01/31 11:54 p.m. · 24 views

CVE-2023-23924 URI validation failure on SVG parsing in Dompdf

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9 · EPSS 0.03572
Exploits 2 · References 5
Debian CVE
added 2023/01/31 11:54 p.m. · 16 views

CVE-2023-23924

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This may lead to arbitrary object unserialize on PHP 8, through the phar URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with...

CVSS 10 · AI score 9.6 · EPSS 0.03572
Exploits 2
Friends Of PHP
added 2023/01/31 2:30 p.m. · 30 views

Dompdf vulnerable to URI validation failure on SVG parsing

Summary: The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing tags with uppercase letters. This might lead to arbitrary object unserialize on PHP, during SVG parsing of tags in src/Image/Cache.php: `if ($type === "svg") { $parser = xml_parser_create("utf-8"); xml_parser_set_option($parser, ...`

CVSS 10 · AI score 9.4 · EPSS 0.03572
Exploits 2 · Affected Software 1
Positive Technologies
added 2023/01/31 12:00 a.m. · 6 views

PT-2023-1267 · Dompdf +1 · Dompdf +1

Name of the Vulnerable Software and Affected Versions: Dompdf version 2.0.1; Dompdf versions prior to 8.0.0. Description: The issue is related to the incorrect order of authorization checks before syntax analysis and canonization when processing tags with uppercase letters in SVG parsing. This can...

CVSS 10 · AI score 9.7 · EPSS 0.03572
Exploits 2 · References 17
wpexploit
added 2023/01/16 12:00 a.m. · 114 views

PDF Generator for WordPress < 1.1.2 - Reflected XSS

The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high-privilege users such as admin. Make a logged-in admin open the following URL: ...

CVSS 6.1 · AI score 5.9 · EPSS 0.01193
Exploits 2
WPVulnDB
added 2023/01/16 12:00 a.m. · 19 views

PDF Generator for WordPress < 1.1.2 - Reflected XSS

The plugin includes a vendored dompdf example file which is susceptible to Reflected Cross-Site Scripting and could be used against high-privilege users such as admin. PoC: Make a logged-in admin open the following URL: ...

CVSS 6.1 · AI score 5.7 · EPSS 0.01193
Exploits 2 · Affected Software 1
Positive Technologies
added 2023/01/07 12:00 a.m. · 8 views

PT-2023-6704 · WordPress · Pdf Generator For Wordpress

Name of the Vulnerable Software and Affected Versions: PDF Generator for WordPress plugin versions prior to 1.1.2. Description: The issue is related to a Reflected Cross-Site Scripting susceptibility in a vendored dompdf example file included in the PDF Generator for WordPress plugin. This could b...

CVSS 6.1 · AI score 6 · EPSS 0.01193
Exploits 2 · References 7
Veracode
added 2022/09/27 5:16 a.m. · 30 views

Remote Code Execution (RCE)

dompdf/dompdf is vulnerable to remote code execution. The vulnerability exists because the registerFont function of FontMetrics.php does not properly halt the font registration when URI validation fails, such as through the @font-face rule, allowing an attacker to inject and execute maliciously...

CVSS 7.5 · AI score 7.9 · EPSS 0.04057
Exploits 3 · References 6 · Affected Software 1
Github Security Blog
added 2022/09/26 12:00 a.m. · 43 views

Dompdf allows remote file inclusion because URI validation failure does not halt font registration

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 7.5 · AI score 7.3 · EPSS 0.04057
Exploits 3 · References 8 · Affected Software 1
OSV
added 2022/09/26 12:00 a.m. · 27 views

GHSA-6X28-7H8C-CHX4 Dompdf allows remote file inclusion because URI validation failure does not halt font registration

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 7.5 · AI score 7.5 · EPSS 0.04057
Exploits 3 · References 9
NVD
added 2022/09/25 7:15 p.m. · 31 views

CVE-2022-41343

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 7.5 · EPSS 0.04057
Exploits 3 · References 4
OSV
added 2022/09/25 7:15 p.m. · 20 views

CVE-2022-41343

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 7.5 · AI score 7.5 · EPSS 0.04057
Exploits 3 · References 4
Prion
added 2022/09/25 7:15 p.m. · 21 views

Remote file inclusion

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 5 · AI score 7.5 · EPSS 0.04057
Exploits 3 · References 4 · Affected Software 1
CNNVD
added 2022/09/25 12:00 a.m. · 3 views

Dompdf security vulnerability

Dompdf is an HTML to PDF converter. A security vulnerability exists in versions prior to Dompdf 2.0.1, which stems from a URI validation failure that does not stop font registration...

CVSS 7.5 · AI score 7.2 · EPSS 0.04057
Exploits 3 · References 5
Cvelist
added 2022/09/25 12:00 a.m. · 29 views

CVE-2022-41343

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

AI score 7.7 · EPSS 0.04057
Exploits 3 · References 4
Vulnrichment
added 2022/09/25 12:00 a.m. · 7 views

CVE-2022-41343

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

AI score 7.5 · EPSS 0.04057
Exploits 3 · References 4
UbuntuCve
added 2022/09/25 12:00 a.m. · 44 views

CVE-2022-41343

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule...

CVSS 7.5 · AI score 7.2 · EPSS 0.04057
Exploits 3 · References 4
CVE
added 2022/09/25 12:00 a.m. · 100 views

CVE-2022-41343

CVE-2022-41343 affects Dompdf before 2.0.1, where registerFont in FontMetrics.php allows remote file inclusion because URI validation fails to stop font registration. Exploit PoCs and Python scripts/staged reverse-shell demos exist (e.g., via @font-face). Impact is remote access to font assets po...

CVSS 7.5 · AI score 7.4 · EPSS 0.04057
Exploits 3 · References 4 · Affected Software 1