pkg:Packagist/dompdf/dompdf

All known vulnerabilities

• CRITICAL10.0CVE-2023-24813URI validation failure on SVG parsing. Bypass of CVE-2023-23924
  >= 2.0.2, < 2.0.3
• CRITICAL10.0CVE-2023-23924Dompdf vulnerable to URI validation failure on SVG parsing
  from 0, < 2.0.2
• CRITICAL9.8CVE-2021-3902Improper Restriction of XML External Entity Reference in dompdf/dompdf
  from 0, < 2.0.0
• CRITICAL9.8CVE-2021-3838php-dompdf - security update
  from 0, < 2.0.0
• CRITICAL9.8CVE-2022-28368Remote code injection in dompdf/dompdf
  from 0, < 1.2.1
• HIGH8.8CVE-2014-5013DOMPDF Remote Code Execution
  >= 0.6, < 0.6.2
• HIGH7.5CVE-2022-41343Dompdf allows remote file inclusion because URI validation failure does not halt font registration
  from 0, < 2.0.1
• MEDIUM6.5CVE-2014-5011DOMPDF Information Disclosure
  >= 0.6, < 0.6.2
• MEDIUM6.5CVE-2014-5012DOMPDF denial of service vulnerability
  >= 0.6, < 0.6.2
• MEDIUM5.3CVE-2023-50262Denial of service caused by infinite recursion when parsing SVG images
  from 0, < 2.0.4
• MEDIUM5.3CVE-2022-2400Dompdf before v2.0.0 vulnerable to chroot check bypass
  from 0, < 2.0.0
• MEDIUM5.3CVE-2022-0085Server-Side Request Forgery in dompdf/dompdf
  from 0, < 2.0.0
• —CVE-2010-4879DOMPDF Remote File Inclusion Vulnerability
  >= 0.6, < 0.6.1
• —CVE-2014-2383DOMPDF Arbitrary File Read
  >= 0.6.0, < 0.6.1