Information on source package php-dompdf

Available versions

ReleaseVersion
buster0.6.2+dfsg-3
buster (security)0.6.2+dfsg-3+deb10u2
bullseye0.6.2+dfsg-3.1
bookworm2.0.3+dfsg-1
trixie2.0.4+dfsg-2
sid2.0.4+dfsg-2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2023-50262fixedvulnerablevulnerablefixedfixedDompdf is an HTML to PDF converter for PHP. When parsing SVG images Do ...
CVE-2022-2400fixedvulnerable (no DSA)fixedfixedfixedExternal Control of File Name or Path in GitHub repository dompdf/domp ...
CVE-2021-3838fixedvulnerable (no DSA)fixedfixedfixedDeserialization of Untrusted Data using PHAR deserialization

Resolved issues

BugDescription
CVE-2023-24813Dompdf is an HTML to PDF converter written in php. Due to the differen ...
CVE-2023-23924Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 ...
CVE-2022-41343registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote f ...
CVE-2022-28368Dompdf 1.2.1 allows remote code execution via a .php file in the src:u ...
CVE-2022-0085Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf ...
CVE-2021-3902Improper Restriction of XML External Entity Reference for included svg files
CVE-2014-5013DOMPDF before 0.6.2 allows remote code execution, a related issue to C ...
CVE-2014-5012DOMPDF before 0.6.2 allows denial of service.
CVE-2014-5011DOMPDF before 0.6.2 allows Information Disclosure.
CVE-2014-2383dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, ...
CVE-2010-4879PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 ...

Security announcements

DSA / DLADescription
DLA-3495-2php-dompdf - regression update
DLA-3495-1php-dompdf - security update

Search for package or bug name: Reporting problems