CVE-2022-41343

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

dompdf/dompdf
dompdf/dompdf
HTML to PDF converter for PHP
GitHubGitHub
11.1K