Dompdf is a popular library in PHP used for rendering PDF files from HTML. Tanto Security disclosed a vulnerability in Dompdf affecting version 2.0.0 and below. The vulnerability was patched in Dompdf v2.0.1. We recommend all Dompdf users update to the latest version as soon as possible. Exploitation of the vulnerability results in remote code execution subject to the following conditions. The application is deployed on PHP <= 7.x and a well-known RCE deserialization gadget exists in any of the applications library’s.