Security Advisory

CVE-2022-41343

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-25 00:00:00

Last updated 2025-05-22 14:41:32

Assigner mitre

State PUBLISHED

Description

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

← Browse all CVEs View on cve.org ↗