← voltar
CVE-2022-2400

External Control of File Name or Path in dompdf/dompdf

CVSS 5.3 MEDIUMEPSS 0.9%CWE-73
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
dompdf · dompdf/dompdf

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6ahttps://huntr.dev/bounties/a6da5e5e-86be-499a-a3c3-2950f749202ahttps://lists.debian.org/debian-lts-announce/2023/07/msg00017.html