Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-2400HistoryJul 18, 2022 - 3:15 p.m.
CVE-2022-2400
2022-07-1815:15:08
Debian Security Bug Tracker
security-tracker.debian.org
15
github
dompdf
cve-2022-2400
security
vulnerability
file control
path control
unix
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
34.2%
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | php-dompdf | < 2.0.2+dfsg-1 | php-dompdf_2.0.2+dfsg-1_all.deb |
| Debian | 11 | all | php-dompdf | <= 0.6.2+dfsg-3.1 | php-dompdf_0.6.2+dfsg-3.1_all.deb |
| Debian | 999 | all | php-dompdf | < 2.0.2+dfsg-1 | php-dompdf_2.0.2+dfsg-1_all.deb |
| Debian | 13 | all | php-dompdf | < 2.0.2+dfsg-1 | php-dompdf_2.0.2+dfsg-1_all.deb |
Related
github
github
Dompdf before v2.0.0 vulnerable to chroot check bypass
2022-07-19 00:00:26
veracode
veracode
Information Disclosure
2022-07-19 08:37:31
osv
osv
Dompdf before v2.0.0 vulnerable to chroot check bypass
2022-07-19 00:00:26
CVE-2022-2400
2022-07-18 15:15:08
php-dompdf - security update
2023-07-13 00:00:00
cvelist
cvelist
CVE-2022-2400 External Control of File Name or Path in dompdf/dompdf
2022-07-18 00:00:00
prion
prion
Xxe
2022-07-18 15:15:00
huntr
huntr
in dompdf/dompdf
2021-09-28 17:04:14
ubuntucve
ubuntucve
CVE-2022-2400
2022-07-18 00:00:00
cve
cve
CVE-2022-2400
2022-07-18 15:15:08
nvd
nvd
CVE-2022-2400
2022-07-18 15:15:08
nessus
nessus
Ubuntu 22.04 LTS : Dompdf vulnerabilities (USN-6277-2)
2023-08-10 00:00:00
Debian DLA-3495-1 : php-dompdf - LTS security update
2023-07-14 00:00:00
debian
debian
[SECURITY] [DLA 3495-2] php-dompdf regression update
2023-08-11 09:02:38
[SECURITY] [DLA 3495-1] php-dompdf security update
2023-07-13 21:16:41
openvas
openvas
Debian: Security Advisory (DLA-3495-1)
2023-07-14 00:00:00
Ubuntu: Security Advisory (USN-6277-2)
2023-08-11 00:00:00
Ubuntu: Security Advisory (USN-6277-1)
2023-08-09 00:00:00
ubuntu
ubuntu
Dompdf vulnerabilities
2023-08-08 00:00:00
Dompdf vulnerabilities
2023-08-10 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
34.2%
Related for DEBIANCVE:CVE-2022-2400