Vulnerability feed

Vulnerability

CVE-2022-41343

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-41343
Description:: registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.
Last updated date:: 11/21/2022

Type:: exploit
Confidence:: HIGH
Date of publishing:: 09/28/2022
Reference url to background: https://github.com/dompdf/dompdf/issues/2994

Type:: exploit
Confidence:: HIGH
Date of publishing:: 11/21/2022
Reference url to background: https://tantosec.com/blog/cve-2022-41343/

Type:: exploit
Confidence:: HIGH
Date of publishing:: 02/15/2023
Reference url to background: https://github.com/BKreisel/CVE-2022-41343

Vulnerability Feed Contributors About Blog

@inTheWild

©2024 |