CVE-2023-23924 (Critical) detected in dompdf/dompdf-v2.0.0

[mend-bolt-for-github[bot]]

CVE-2023-23924 - Critical Severity Vulnerability

Vulnerable Library - dompdf/dompdf-v2.0.0

DOMPDF is a CSS 2.1 compliant HTML to PDF converter

Library home page: https://api.github.com/repos/dompdf/dompdf/zipball/79573d8b8a141ec8a17312515de8740eed014fa9

Dependency Hierarchy: - :x: **dompdf/dompdf-v2.0.0** (Vulnerable Library)

Found in HEAD commit: ab76dd905220f63a5e50d7a6c36543f1d876d52a

Found in base branch: master

Vulnerability Details

Dompdf is an HTML to PDF converter. The URI validation on dompdf 2.0.1 can be bypassed on SVG parsing by passing `` tags with uppercase letters. This may lead to arbitrary object unserialize on PHP < 8, through the `phar` URL wrapper. An attacker can exploit the vulnerability to call arbitrary URL with arbitrary protocols, if they can provide a SVG file to dompdf. In PHP versions before 8.0.0, it leads to arbitrary unserialize, that will lead to the very least to an arbitrary file deletion and even remote code execution, depending on classes that are available.

Publish Date: 2023-02-01

URL: CVE-2023-23924

CVSS 3 Score Details (9.8)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg

Release Date: 2023-02-01

Fix Resolution: v2.0.2

---

Step up your Open Source Security Game with Mend here