CVE-2022-2400

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-2400
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.

5.3 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://huntr.dev/bounties/a6da5e5e-86be-499a-a3c3-2950f749202a Exploit Issue Tracking Patch Third Party Advisory
https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6a Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dompdf_project:dompdf:*:*:*:*:*:*:*:*
Information

Published : 2022-07-18 15:15

Updated : 2022-07-23 02:21

NVD link : CVE-2022-2400

Mitre link : CVE-2022-2400

JSON object : View

Products Affected

dompdf_project

  • dompdf
CWE
CWE-73

External Control of File Name or Path