Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2022-2400
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-2400
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-2400.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-2400
Aliases
GHSA-5qj8-6xxj-hp9h
Downstream
DEBIAN-CVE-2022-2400
DLA-3495-1
UBUNTU-CVE-2022-2400
USN-6277-1
USN-6277-2
Published
2022-07-18T15:15:08Z
Modified
2025-10-15T13:48:47.690798Z
Severity
5.3 (Medium)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVSS Calculator
Summary
[none]
Details
External Control of File Name or Path in GitHub repository dompdf/dompdf prior to 2.0.0.
References
https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6a
https://huntr.dev/bounties/a6da5e5e-86be-499a-a3c3-2950f749202a
https://lists.debian.org/debian-lts-announce/2023/07/msg00017.html
Affected packages
Git
/
github.com/dompdf/dompdf
Affected ranges
Type
GIT
Repo
https://github.com/dompdf/dompdf
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Fixed
99aeec1efec9213e87098d42eb09439e7ee0bb6a
Affected versions
v0.*
v0.6.0
v0.6.0-b3
v0.6.1
v0.6.2
v0.7.0
v0.7.0-beta
v0.7.0-beta2
v0.7.0-beta3
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.8.4
v0.8.5
v0.8.6
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.1.0
v1.1.1
v1.2.0
v1.2.1
v1.2.2
CVE-2022-2400 - OSV