URI validation failure does not halt font registration in Dompdf 2.0.0 #2994
Comments
bsweeney
added a commit
that referenced
this issue
Aug 25, 2022
bsweeney
added a commit
that referenced
this issue
Sep 15, 2022
bsweeney
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When a font is registered through the
@font-facerule the URL is run through validation that was implemented to address the issues outlined in #2564. The validation logic specific to the font-face rule, however, does not actually halt processing of the font when validation fails. As a result, a system running Dompdf 2.0.0 is vulnerable to remote file inclusion though the font installation routines and that may lead to code execution due to PHAR deserialization vulnerability if the system is running a vulnerable version of PHP (< 8.0.0).References:
The text was updated successfully, but these errors were encountered: