Lucene search
+L

15 matches found

nessus
nessus
added 2025/12/30 12:0 a.m.5 views

Debian dla-4427 : php-dompdf - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4427 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected]...

9.8CVSS8.1AI score0.0143EPSS
Exploits2References6
nessus
nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2021-3838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function...

9.8CVSS9.8AI score0.0143EPSS
Exploits1References2
nvd
nvd
added 2024/11/15 11:15 a.m.23 views

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

9.8CVSS0.0143EPSS
Exploits1References2
circl
circl
added 2024/11/15 10:54 a.m.16 views

CVE-2021-3838

creationtimestamp| type| source ---|---|--- 2024-11-15 10:54:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113486597726053603 2025-12-30 16:28:13+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mb7rfvcyzk2b...

9.8CVSS9.2AI score0.0143EPSS
Exploits1References2
cvelist
cvelist
added 2024/11/15 10:51 a.m.25 views

CVE-2021-3838 PHAR Deserialization in dompdf/dompdf

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

9.8CVSS0.0143EPSS
Exploits1References2
debiancve
debiancve
added 2024/11/15 10:51 a.m.35 views

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

9.8CVSS9.2AI score0.0143EPSS
Exploits1
debian
debian
added 2023/08/11 9:2 a.m.62 views

[SECURITY] [DLA 3495-2] php-dompdf regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-2 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 10, 2023 https://wiki.debian.org/LTS -...

9.8CVSS5.7AI score0.0143EPSS
Exploits2
ubuntu
ubuntu
added 2023/08/10 6:31 p.m.58 views

USN-6277-2: Dompdf vulnerabilities

USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibl...

9.8CVSS7.6AI score0.0143EPSS
Exploits2
nessus
nessus
added 2023/08/10 12:0 a.m.15 views

Ubuntu 22.04 LTS : Dompdf vulnerabilities (USN-6277-2)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6277-2 advisory. USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. Tenable has extracted the preceding...

9.8CVSS7.3AI score0.0143EPSS
Exploits2References3
openvas
openvas
added 2023/08/09 12:0 a.m.33 views

Ubuntu: Security Advisory (USN-6277-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.04556EPSS
Exploits2References2
nessus
nessus
added 2023/07/14 12:0 a.m.29 views

Debian dla-3495 : php-dompdf - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3495 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-1 [email protected]...

9.8CVSS7.5AI score0.0143EPSS
Exploits2References6
debian
debian
added 2023/07/13 9:16 p.m.63 views

[SECURITY] [DLA 3495-1] php-dompdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès July 13, 2023 https://wiki.debian.org/LTS -...

9.8CVSS6.1AI score0.0143EPSS
Exploits2
osv
osv
added 2023/02/14 12:0 a.m.7 views

UBUNTU-CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

9.8CVSS7.6AI score0.0143EPSS
Exploits1References6
ubuntucve
ubuntucve
added 2023/02/14 12:0 a.m.27 views

CVE-2021-3838

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. An attacker who can upload files of any type to the server can pass in the phar:// protocol to unserialize the uploaded file and...

9.8CVSS7.3AI score0.0143EPSS
Exploits1References5
altlinux
altlinux
added 2022/06/20 12:0 a.m.41 views

Security fix for the ALT Linux 10 package tor version 0.4.7.8-alt1

0.4.7.8-alt1 built June 20, 2022 Hihin Ruslan in task 302306 --- June 18, 2022 Hihin Ruslan - Update version - CVE-2021-3838...

2.2AI score0.0143EPSS
Exploits1
Rows per page
Query Builder