dompdf/dompdf on Packagist
DOMPDF is a CSS 2.1 compliant HTML to PDF converter
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2022-28368 | 9.8 CRITICAL | 7.5 HIGH | |
Dompdf 1.2.1 allows remote code execution via a .php file in the src:url field of an @font-face Cascading Style Sheets (CSS) statement (within an HTML input file). |