[SECURITY] [DLA 4427-1] php-dompdf security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4427-1] php-dompdf security update
From: Abhijith PA <abhijith@debian.org>
Date: Tue, 30 Dec 2025 14:01:16 +0530
Message-id: <[🔎] aVON1BmTTi_m9hOE@debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4427-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Abhijith PA
December 30, 2025                             https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : php-dompdf
Version        : 0.6.2+dfsg-3.1+deb11u1
CVE ID         : CVE-2021-3838 CVE-2022-2400

Two vulnerabilities were discovered in php-dompdf, a PHP library to
convert HTML to PDF. 

CVE-2021-3838

    php-dompdf is vulnerable to PHAR deserialization due to a lack of
    checking on the protocol before passing it into the
    file_get_contents() function. An attacker who can upload files of
    any type to the server can pass in the phar:// protocol to
    unserialize the uploaded file and instantiate arbitrary PHP
    objects. This can lead to remote code execution, especially when
    DOMPdf is used with frameworks with documented POP chains like
    Laravel or vulnerable developer code

CVE-2022-2400

    php-dompdf was vulnerable to External Control of File Name bypassing
    unallowed access verification.

For Debian 11 bullseye, these problems have been fixed in version
0.6.2+dfsg-3.1+deb11u1.

We recommend that you upgrade your php-dompdf packages.

For the detailed security status of php-dompdf please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-dompdf

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmlTjdMACgkQhj1N8u2c
KO8MYQ/8Cf5W72K5AV0S4aYyVm7fLOdDTtGn7EAyJI1hHw9hCl5tTYtOgc6AeHad
LvK1SPDte1Bab/kzUaA6qNO1sR03DJJA6zH7ltGs+o1FdB7iDkO2Bxp3tDSpPqvg
8YLX/xnSx2y0D/P9LzHoL6tunQfvDIfwo9Gmj3c11ROzcDYh/EDOQwp7JKIF3ekx
pHakyT1pzrHvcNTRpyVPf3I3rRajPvRrxEEdT9G608NGFjTfpopklJ5kTg9Igqtw
rckJrY7KHCXSnXZu4rNAa3Rsi4e+OqVPyjHYJuRpsAH9tBH7pY2wZUZyv+k9EohK
sfwvcUQBeMNDCbtLcszO9WBO9FJUp0HKD5gvr5k9xj2fbiBoX1yHPKj0LbY4hxZ5
cmdMkhxBScdXSyrtz/I0wlOHjv3JQFHaBbpPQXAMUZg/NMEpg+KcHfe9jYzOA52p
CC5bvKy/SrZvxb/2haQr29aAbUgDMYnyRGNPCk9NWMXPTazWz8KsT8lblRh5/qkN
88osNcTqEvvbH04lmSP98gmHrluY+Q31qjqpIi1Y2pyn90vyLzJGaWbOUadVLNp+
EZfFT6mMA21m5bV6H/j3t0c6UzvtHNXOjlJf3cfqn8HjyjWg2FtvfGFoOslHQJvh
t7pfCl3BYxJ+2C/99tregoaIp7G2EJCWZDvHTwNDterCU5Wz57U=
=aq9W
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4426-1] osslsigncode security update
Next by Date: [SECURITY] [DLA 4428-1] mediawiki security update
Previous by thread: [SECURITY] [DLA 4426-1] osslsigncode security update
Next by thread: [SECURITY] [DLA 4428-1] mediawiki security update
Index(es):
- Date
- Thread