Vulnerability Database
Blog
FAQ
Docs
GHSA-pf6p-25r2-fx45
Source
https://github.com/advisories/GHSA-pf6p-25r2-fx45
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-pf6p-25r2-fx45/GHSA-pf6p-25r2-fx45.json
Aliases
CVE-2022-0085
Published
2022-06-29T00:00:27Z
Modified
2023-11-08T04:07:28.174206Z
Details
Server-Side Request Forgery (SSRF) in GitHub repository dompdf/dompdf prior to 2.0.0.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-0085
https://github.com/dompdf/dompdf/commit/bb1ef65011a14730b7cfbe73506b4bb8a03704bd
https://github.com/FriendsOfPHP/security-advisories/blob/master/dompdf/dompdf/CVE-2022-0085.yaml
https://github.com/dompdf/dompdf
https://huntr.dev/bounties/73dbcc78-5ba9-492f-9133-13bbc9f31236
Affected packages
Packagist
/
dompdf/dompdf
Package
Name
dompdf/dompdf
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
The exact introduced commit is unknown
Fixed
2.0.0
Affected versions
v0.*
v0.6.0
v0.6.1
v0.6.2
v0.7.0-beta
v0.7.0-beta2
v0.7.0-beta3
v0.7.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.2.2
GHSA-pf6p-25r2-fx45 - OSV