Lucene search
K

16 matches found

OSV
OSV
added 2026/06/26 10:11 p.m.3 views

GHSA-X8G9-H984-PC36 PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option

Summary pontedilana/php-weasyprint fetches the content of option values server-side via filegetcontents when the value looks like a URL, without restricting the URL scheme. The attachment option of Pdf is the reachable sink: any value that passes isOptionUrl filtervar..., FILTERVALIDATEURL is...

6.5CVSS6AI score0.00242EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/26 10:11 p.m.9 views

EUVD-2026-38054

PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 10:10 p.m.10 views

EUVD-2026-38036

PhpWeasyPrint vulnerable to arbitrary file deletion at shutdown via public $temporaryFiles...

3CVSS5.9AI score0.00112EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/26 10:10 p.m.9 views

EUVD-2026-38053

PhpWeasyPrint vulnerable to PHAR deserialization via output filename CVE-2023-28115 case-insensitive bypass...

9.8CVSS7.3AI score0.0276EPSS
Exploits1References5
OSV
OSV
added 2026/06/26 10:10 p.m.3 views

GHSA-2FMJ-P74R-3WJM PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)

Summary pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist: php if 0 === \strpos$filename, 'phar://' throw new \InvalidArgumentException'The output file cannot be a phar archive.'; PHP stream wrappers are case-insensitive, so...

8.1CVSS6.5AI score0.00555EPSS
Exploits0References6
NVD
NVD
added 2026/06/19 5:16 p.m.9 views

CVE-2026-49260

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, pontedilana/php-weasyprint builds the shell command for WeasyPrint by passing the binary path through escapeshellarg first and then checking the quoted result with isexecutable. On POSIX...

8.2CVSS0.00154EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:6 p.m.6 views

CVE-2026-49359

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint fetches the content of option values server-side via filegetcontents when the value looks like a URL, without restricting the URL scheme. The attachment option of...

6.5CVSS6AI score0.00242EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/19 5:6 p.m.19 views

CVE-2026-49359 PhpWeasyPrint vulnerable to SSRF and local file disclosure via the attachment option

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint fetches the content of option values server-side via filegetcontents when the value looks like a URL, without restricting the URL scheme. The attachment option of...

6.5CVSS0.00242EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 5:3 p.m.17 views

CVE-2026-49286

CVE-2026-49286 - PhpWeasyPrint : The library (prior to 2.6.0) guards the output filename against the phar:// stream wrapper with a case-sensitive blacklist. Because PHP stream wrappers are case-insensitive, inputs like PHAR://, Phar:// bypass the check and reach fileExists() in prepareOutput(), a...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/19 5:3 p.m.5 views

CVE-2026-49286

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/19 4:59 p.m.16 views

CVE-2026-49260

CVE-2026-49260 affects PhpWeasyPrint prior to 2.5.1. The vulnerability arises from building the WeasyPrint command by passing the binary path through escapeshellarg() and then validating the quoted result with is_executable(); on POSIX systems this makes the bin path string contain quotes, causin...

8.2CVSS5.9AI score0.00154EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/19 2:52 p.m.32 views

CVE-2026-49358 PhpWeasyPrint vulnerable to arbitrary file deletion at shutdown via public $temporaryFiles

PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, AbstractGenerator::$temporaryFiles is a public array, and removeTemporaryFiles — invoked from destruct and from a registered shutdown function — calls unlink on every entry without verifying...

3CVSS0.00112EPSS
Exploits0References4
CVE
CVE
added 2026/06/19 2:52 p.m.17 views

CVE-2026-49358

Summary of CVE-2026-49358 (PhpWeasyPrint) : Prior to version 2.6.0, the public array AbstractGenerator::$temporaryFiles could be appended with arbitrary paths. When removeTemporaryFiles() runs (from __destruct or a shutdown function), it calls unlink() on every entry without verifying that the pa...

3CVSS6.1AI score0.00112EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50925

Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.6.0 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The AbstractGenerator::$temporaryFiles public array allows any code with a reference to a generator instance to...

3CVSS6.1AI score0.00112EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.14 views

PT-2026-50999

Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.6.0 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The software uses a case-sensitive blacklist to protect output filenames against the phar:// stream wrapper...

8.1CVSS6.2AI score0.00555EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.15 views

PT-2026-50965

Name of the Vulnerable Software and Affected Versions PhpWeasyPrint versions prior to 2.5.1 Description PhpWeasyPrint is a PHP library used for generating PDFs from HTML pages or URLs. The software contains a shell command injection flaw occurring when the binary path for WeasyPrint is processed...

8.2CVSS5.9AI score0.00154EPSS
Exploits0References13
Rows per page
Query Builder