cbcvebase.
CVE-2022-41343
published 2022-09-25


Priority: P3 · 47 · high
CVSS 3.1 base score: 7.5
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
EPSS: 4.06% (89.4th percentile)
registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

Affected

3 ranges

Vendor          Product       Version range      Fixed in
debian          php-dompdf    (not stated)       (not stated)
dompdf          dompdf        >= 0, < 2.0.1      2.0.1
dompdf_project  dompdf        < 2.0.1            2.0.1

Detection & IOCs (extracted from sources)

  • The vulnerable function is `registerFont` in `FontMetrics.php` in Dompdf before 2.0.1; monitor for exploitation attempts that reach this file through @font-face rules carrying remote URIs.
  • The attack vector is a malicious @font-face CSS rule that triggers remote file inclusion through the font registration path; inspect CSS input processed by Dompdf for external or unexpected URI references in @font-face declarations.
  • The vulnerability is present only in Dompdf versions before 2.0.1; confirm that a patched version is deployed (the Debian bookworm, bullseye, and sid releases are resolved).

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      7.5     HIGH       CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vendor_debian   -         7.5     LOW        -