Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE

dompdf / php-svg-lib

SVG file parsing / rendering library

GNU Lesser General Public License v3.0

1.41k stars 77 forks source link

Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE #116

Closed NimeshBhavsar closed 9 months ago

NimeshBhavsar commented 9 months ago

Dompdf.s.usage.of.vulnerable.version.of.phenx_php-svg-lib 1.pdf

I recently got this mail. Can someone explain me this?

alexandreacid commented 9 months ago

Dompdf.s.usage.of.vulnerable.version.of.phenx_php-svg-lib 1.pdf

I recently got this mail. Can someone explain me this?

Have a look at https://github.com/dompdf/dompdf/security/advisories/GHSA-97m3-52wr-xvv2.

There is a major security issue for versions under 0.5.2. Users of dompdf are currently stucked because of this.

bsweeney commented 9 months ago

Trying to work out how to resolve this. As noted, Dompdf itself is not vulnerable except when used with php-svg-lib versions prior to 0.5.2. The current vulnerability report is causing issues for automated deployment in some scenarios. If you use Dompdf 2.0.4 and php-svg-lib 0.5.2 then you are safe from all known vulnerabilities.