CyberSec.Space Logo
Back to CVE Browser

CVE-2014-5013

HIGH
8.8
CVSS Severity Score
EPSS Score0.1990%
EPSS Percentile31.95th
PublishedJan 10, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

Affected Platforms (CPE)

πŸ“¦
Dompdf Project

Dompdf

< 0.6.2

References & Advisories

πŸ”— https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2
πŸ”— https://github.com/dompdf/dompdf/releases/tag/v0.6.2
πŸ”— https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2
πŸ”— https://github.com/dompdf/dompdf/releases/tag/v0.6.2

Related Vulnerabilities

CVE-2021-38389.8

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into...

CVE-2014-62357.5

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via ...

CVE-2010-48797.5

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code ...

CVE-2013-07247.5

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before ...