When a font is registered through the @font-face rule the URL is run through validation that was implemented to address the issues outlined in #2564. The validation logic specific to the font-face rule, however, does not actually halt processing of the font when validation fails. As a result, a system running Dompdf 2.0.0 is vulnerable to remote file inclusion through the font installation routines, and that may lead to code execution due to a PHAR deserialization vulnerability if the system is running a vulnerable version of PHP (< 8.0.0).
bsweeney changed the title from "URI validation failure does not halt font registration" to "URI validation failure does not halt font registration in Dompdf 2.0.0" on Dec 1, 2022
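The control-flow defect the issue describes, shown as an added PHP example that is not Dompdf's own code: a minimal @font-face `src` handler in which the URI check runs and logs a denial but execution falls through to the download step, next to the corrected version where a failed check skips the source. The scheme allow-list, the `$remoteEnabled` flag and `fetchFont()` are assumed simplifications standing in for Dompdf's real protocol rules and font download routine; the sample `src` value is constructed.

```php
<?php
declare(strict_types=1);

// Added example (not Dompdf's code). Assumptions: a plain scheme allow-list,
// a $remoteEnabled switch and a fetchFont() stub stand in for the project's
// actual protocol rules and download/install step.

const ALLOWED_FONT_SCHEMES = ['file', 'http', 'https'];

/** Pull every url(...) out of a @font-face src value. */
function extractFontUris(string $src): array
{
    preg_match_all('/url\(\s*(["\']?)(.*?)\1\s*\)/i', $src, $m);
    return $m[2];
}

/** Decide whether a font may be loaded from $uri. */
function fontUriAllowed(string $uri, bool $remoteEnabled): bool
{
    $scheme = strtolower((string) parse_url($uri, PHP_URL_SCHEME));
    if ($scheme === '') {
        $scheme = 'file';                          // bare relative/absolute path
    }
    if (!in_array($scheme, ALLOWED_FONT_SCHEMES, true)) {
        return false;                              // phar://, ftp://, data:, ...
    }
    if (in_array($scheme, ['http', 'https'], true) && !$remoteEnabled) {
        return false;                              // remote fetching switched off
    }
    return true;
}

/** Hypothetical stand-in for the download/install step, i.e. the sink. */
function fetchFont(string $uri): string
{
    // In real code this is where file_get_contents()/copy() would touch the URI.
    // On PHP < 8.0 a stream read of phar://... also unserializes the archive's
    // metadata, which is the deserialization sink the issue warns about.
    return "font bytes from $uri";
}

/** Bug pattern: the check runs and logs, but processing continues anyway. */
function registerFontsVulnerable(string $src, bool $remoteEnabled, array &$log): array
{
    $loaded = [];
    foreach (extractFontUris($src) as $uri) {
        if (!fontUriAllowed($uri, $remoteEnabled)) {
            $log[] = "Permission denied on $uri";
            // missing: continue;
        }
        $loaded[] = fetchFont($uri);               // reached even after a denial
    }
    return $loaded;
}

/** Fixed pattern: a failed check is a hard stop for that source. */
function registerFontsFixed(string $src, bool $remoteEnabled, array &$log): array
{
    $loaded = [];
    foreach (extractFontUris($src) as $uri) {
        if (!fontUriAllowed($uri, $remoteEnabled)) {
            $log[] = "Permission denied on $uri";
            continue;
        }
        $loaded[] = fetchFont($uri);
    }
    return $loaded;
}

// Constructed input: one local font followed by a phar:// source.
$src = 'url("fonts/local.ttf") format("truetype"), url("phar://evil.phar/font.ttf")';
$log = [];
print_r(registerFontsVulnerable($src, false, $log)); // both sources fetched, phar:// included
print_r(registerFontsFixed($src, false, $log));      // only fonts/local.ttf
print_r($log);                                       // two "Permission denied" entries
```

The point to check in any similar code path is not whether a validation function exists but whether every caller treats its failure as terminal: the vulnerable variant above produces exactly the same log line as the fixed one, so a log-based review would not reveal that the `phar://` source was still handed to the loader.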