Dompdf prior to version 2.0.0 is vulnerable to a chroot check bypass, which could cause disclosure of png and jpeg files. References https://nvd.nist.gov/vuln/detail/CVE-2022-2400 https://github.com/dompdf/dompdf/commit/99aeec1efec9213e87098d42eb09439e7ee0bb6a https://huntr.dev/bounties/a6da5e5e-86be-499a-a3c3-2950f749202a https://github.com/advisories/GHSA-5qj8-6xxj-hp9h