CVE-2022-41343
packagist/dompdf/dompdf
Files or Directories Accessible to External Parties
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.
All versions before 2.0.1
Upgrade to version 2.0.1 or above.
2022-09-29
source |