cve/CVE-2022-41343.md at ba290685fe22de220a539dbecbe46bd650f1a0d5

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-29 17:50:34 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

928 B

Raw Blame History

CVE-2022-41343

Description

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

POC

Reference

https://tantosec.com/blog/cve-2022-41343/
https://tantosec.com/blog/cve-2022-41343/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Amodio/h5p_quiz
https://github.com/BKreisel/CVE-2022-41343
https://github.com/BKreisel/CVE-2022-46169
https://github.com/fardeen-ahmed/Bug-bounty-Writeups
https://github.com/nomi-sec/PoC-in-GitHub

928 B Raw Blame History

CVE-2022-41343

Description

POC

Reference

Github

928 B

Raw Blame History