[SECURITY] [DLA 4427-1] php-dompdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA December 30, 2025 https://wiki.debian.org/LTS -...

Debian dla-4427 : php-dompdf - security update

The remote Debian 11 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-4427 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4427-1 [email protected]...

DLA-4427-1 php-dompdf - security update

Bulletin has no description...

Debian: Security Advisory (DSA-5642-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5642-1] php-dompdf-svg-lib security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5642-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2024 https://www.debian.org/security/faq -...

[SECURITY] [DLA 3495-2] php-dompdf regression update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-2 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 10, 2023 https://wiki.debian.org/LTS -...

Ubuntu: Security Advisory (USN-6277-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6277-2: Dompdf vulnerabilities

USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the corresponding updates for Ubuntu 22.04 LTS. Original advisory details: It was discovered that Dompdf was not properly validating untrusted input when processing HTML content under certain circumstances. An attacker could possibl...

Ubuntu: Security Advisory (USN-6277-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3495 : php-dompdf - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3495 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-1 [email protected]...

Debian: Security Advisory (DLA-3495-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3495-1] php-dompdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3495-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès July 13, 2023 https://wiki.debian.org/LTS -...

Deserialization Of Untrusted Data

php-dompdf is vulnerable to Deserialization of Untrusted Data. The library is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the filegetcontents function. If an attacker can upload files of any type to the server, they can pass in the phar://...

XML External Entity (XXE)

php-dompdf is vulnerable to XML External Entity XXE attacks. SVG images are not processed through Dompdf's resource validation logic, allowing attackers to use remote resources, local filesystem paths, and vulnerable protocols without restriction...