CVE-2022-41343: n/a in n/a

Severity: High
Published: Sun Sep 25 2022 (09/25/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

registerFont in FontMetrics.php in Dompdf before 2.0.1 allows remote file inclusion because a URI validation failure does not halt font registration, as demonstrated by a @font-face rule.

AI-Powered Analysis

Last updated: 07/08/2025, 10:13:35 UTC

Technical Analysis

CVE-2022-41343 is a high-severity vulnerability affecting Dompdf, a popular PHP library used for converting HTML and CSS to PDF documents. The vulnerability exists in the registerFont function within the FontMetrics.php file in versions of Dompdf prior to 2.0.1. The core issue is a failure in URI validation when processing @font-face CSS rules, which allows an attacker to perform remote file inclusion (RFI). Specifically, the function does not properly halt font registration upon encountering an invalid or malicious URI, enabling an attacker to supply a crafted URI that causes the application to include and potentially execute remote files. This can lead to the exposure of sensitive information, as the CVSS vector indicates a high impact on confidentiality, though integrity and availability are not affected. The vulnerability is exploitable remotely without authentication or user interaction, increasing its risk profile. While no known exploits are currently reported in the wild, the ease of exploitation combined with the high confidentiality impact makes this a critical issue for any system using vulnerable versions of Dompdf. Since Dompdf is widely used in web applications for generating PDFs dynamically, this vulnerability could be leveraged to access unauthorized data or execute malicious code in the context of the web server.

Potential Impact

For European organizations, the impact of CVE-2022-41343 can be significant, especially for those relying on web applications that utilize Dompdf for PDF generation. The vulnerability allows remote attackers to include arbitrary remote files, potentially leading to unauthorized disclosure of sensitive data such as personal information, financial records, or intellectual property. This is particularly concerning under the GDPR framework, where data breaches can result in substantial fines and reputational damage. Confidentiality breaches could undermine trust in services, especially in sectors like finance, healthcare, and government where document generation is common. Although the vulnerability does not directly affect integrity or availability, the ability to include remote files could be a stepping stone for further attacks, such as remote code execution or lateral movement within networks. The lack of required authentication and user interaction means attackers can exploit this vulnerability at scale, increasing the risk to European organizations with exposed web services using vulnerable Dompdf versions.

Mitigation Recommendations

To mitigate CVE-2022-41343, European organizations should immediately upgrade Dompdf to version 2.0.1 or later, where the vulnerability has been addressed. If upgrading is not immediately possible, organizations should implement strict input validation and sanitization on any user-supplied CSS or font URIs before they reach Dompdf. Additionally, restricting outbound network access from web servers to only trusted destinations can reduce the risk of remote file inclusion. Employing web application firewalls (WAFs) with rules targeting suspicious font-face URI patterns can provide temporary protection. Monitoring logs for unusual font registration attempts or unexpected network requests originating from the PDF generation process can help detect exploitation attempts. Finally, organizations should review their PDF generation workflows to minimize reliance on external resources and consider sandboxing PDF generation processes to limit potential damage from exploitation.
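The input-validation step recommended above, as an added example rather than Dompdf project code: user-supplied CSS is scanned for @font-face src URIs before it is handed to Dompdf, and anything carrying a URL scheme or resolving outside an allowlisted local font directory is rejected. The font directory path, the sample CSS and the helper names are assumptions; the Dompdf options set at the end are real library settings that complement the upgrade to 2.0.1, not a substitute for it.

```php
<?php
declare(strict_types=1);

// Assumed allowlisted directory holding the only fonts the application may embed.
const FONT_DIR = '/var/www/app/fonts';

/** Collect every src url(...) found inside @font-face rules of a CSS string. */
function extractFontFaceUris(string $css): array
{
    $uris = [];
    if (!preg_match_all('/@font-face\s*\{[^}]*\}/is', $css, $blocks)) {
        return $uris;
    }
    foreach ($blocks[0] as $block) {
        if (preg_match_all('/url\(\s*([\'"]?)([^\'")]+)\1\s*\)/i', $block, $m)) {
            foreach ($m[2] as $u) {
                $uris[] = trim($u);
            }
        }
    }
    return $uris;
}

/** True only when every @font-face URI is a scheme-less path to an existing file under FONT_DIR. */
function fontFaceUrisAreLocal(string $css): bool
{
    foreach (extractFontFaceUris($css) as $uri) {
        // Any scheme (http://, phar://, data:, ...) is refused outright; only relative paths are considered.
        if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $uri)) {
            return false;
        }
        // realpath() collapses ".." segments, so traversal out of FONT_DIR fails the prefix check.
        $real = realpath(FONT_DIR . '/' . ltrim($uri, '/'));
        if ($real === false || strpos($real, FONT_DIR . DIRECTORY_SEPARATOR) !== 0) {
            return false;
        }
    }
    return true;
}

// Constructed sample input: a rule whose src points at a remote host, which must be rejected.
$userCss = '@font-face { font-family: "x"; src: url("http://fonts.example.invalid/f.ttf"); }';
if (!fontFaceUrisAreLocal($userCss)) {
    throw new RuntimeException('Rejected CSS: @font-face src is not a local allowlisted font');
}

// Only CSS that passed the check reaches Dompdf; remote access stays disabled in the library itself.
$options = new \Dompdf\Options();
$options->setIsRemoteEnabled(false);
$options->setChroot(FONT_DIR);
$dompdf = new \Dompdf\Dompdf($options);
$dompdf->loadHtml('<style>' . $userCss . '</style><p>report</p>');
```

Rejected submissions are worth logging alongside the originating request, since the page's monitoring advice depends on seeing unusual font registration attempts before they reach the renderer.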

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-09-25T00:00:00.000Z
Cisa Enriched: true
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 682f3a190acd01a24926123e

Added to database: 5/22/2025, 2:52:09 PM

Last enriched: 7/8/2025, 10:13:35 AM

Last updated: 8/15/2025, 6:36:27 AM
