diff options
| author | Ola Lundqvist <ola@inguza.com> | 2022-05-17 21:37:28 +0200 |
|---|---|---|
| committer | Ola Lundqvist <ola@inguza.com> | 2022-05-17 21:45:50 +0200 |
| commit | f466ab61a0ed08b33600418514fb0ff95b9d3df9 (patch) | |
| tree | 70c6fb314be602073eed41028aa070fb018aefbf | |
| parent | 77d2554598ad86135c21e6bb0edb0ea29f3ce78e (diff) | |
Marked CVE-2022-28368 as not-affected for php-dompdf. Checked the code and really tried to find any code that resembles the vulnerable code and could not find anything. So this must mean that the code is not vulnerable.
| -rw-r--r-- | data/CVE/list | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index ad0fe76beb..b5a526e769 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -7163,6 +7163,7 @@ CVE-2022-28369 RESERVED CVE-2022-28368 (Dompdf 1.2.1 allows remote code execution via a .php file in the src:u ...) - php-dompdf <unfixed> (bug #1010090) + [stretch] - php-dompdf <not-affected> (Vulnerable code not present) NOTE: https://snyk.io/blog/security-alert-php-pdf-library-dompdf-rce/ NOTE: https://positive.security/blog/dompdf-rce NOTE: https://github.com/dompdf/dompdf/issues/2598 |