PKSA-xz12-xgjc-r2wn Security Advisory
-
[HIGH] PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)
PKSA-xz12-xgjc-r2wn CVE-2026-49286 GHSA-2fmj-p74r-3wjm
Affected package: pontedilana/php-weasyprint
Affected version: <=2.5.1
Reported by:
GitHub