CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-5013

HIGH
8.8
CVSS Severity Score
EPSS Score0.1990%
EPSS Percentile31.95th
Published2020年1月10日
Last Modified2024年11月21日

Vulnerability Description

DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383.

Affected Platforms (CPE)

📦
Dompdf Project

Dompdf

< 0.6.2

References & Advisories

🔗 https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2
🔗 https://github.com/dompdf/dompdf/releases/tag/v0.6.2
🔗 https://github.com/dompdf/dompdf/compare/v0.6.1...v0.6.2
🔗 https://github.com/dompdf/dompdf/releases/tag/v0.6.2

相关漏洞威胁

CVE-2021-38389.8

DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into...

CVE-2014-62357.5

Unspecified vulnerability in the ke DomPDF extension before 0.0.5 for TYPO3 allows remote attackers to execute arbitrary code via ...

CVE-2010-48797.5

PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers to execute arbitrary PHP code ...

CVE-2013-07247.5

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop Styling plugin for WordPress before ...