[CRITICAL] Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE

PKSA-qsyb-3psh-f1t3 GHSA-97m3-52wr-xvv2

Affected version: <0.5.2

Reported by:
GitHub

[MEDIUM] php-svg-lib lacks path validation on font through SVG inline styles

PKSA-3dsp-r6t7-8xmz CVE-2024-25117 GHSA-f3qr-qr4x-j273

Affected version: <0.5.2

Reported by:
GitHub

[MEDIUM] Denial of service caused by infinite recursion when parsing SVG document

PKSA-cwpj-dtf9-6fg1 CVE-2023-50251 GHSA-ff5x-7qg5-vwf2

Affected version: <0.5.1

Reported by:
GitHub