[CRITICAL] Dompdf's usage of vulnerable version of phenx/php-svg-lib leads to restriction bypass and potential RCE

PKSA-qsyb-3psh-f1t3 GHSA-97m3-52wr-xvv2

Affected version: <0.5.2

Reported by:
GitHub

[MEDIUM] php-svg-lib lacks path validation on font through SVG inline styles

PKSA-3dsp-r6t7-8xmz CVE-2024-25117 GHSA-f3qr-qr4x-j273

Affected version: <0.5.2

Reported by:
GitHub