CVE-2026-49260
Published:June 19, 2026
Updated:June 29, 2026
PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.5.1, "pontedilana/php-weasyprint" builds the shell command for WeasyPrint by passing the binary path through "escapeshellarg()" first and then checking the quoted result with "is_executable()". On POSIX "escapeshellarg('/usr/local/bin/weasyprint')" returns "'/usr/local/bin/weasyprint'" with the single-quote characters as part of the string, so "is_executable()" looks for a file whose actual name includes those quotes. That file never exists, the "safe" branch is dead code, and the raw "$binary" string (set via the constructor or "setBinary()") flows directly into "Symfony\Component\Process\Process::fromShellCommandline()". Any deployment whose binary path is sourced from configuration, an environment variable, or a per-tenant setting reaches a shell-command-injection sink. The library is documented as a one-to-one substitute for KnpLabs/snappy and inherited the exact pre-fix codepath KnpLabs patched in GHSA-vpr4-p6fq-85jc. PhpWeasyPrint version 2.5.1 contains a patch for the issue.
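The ordering bug described above, and the hardened pattern, as an added example that is not the library's own code; it assumes Symfony Process is installed via Composer, and the function names are hypothetical:

```php
<?php
// Added example, not code from pontedilana/php-weasyprint. It contrasts the
// pre-2.5.1 ordering described above (escapeshellarg first, then is_executable
// on the quoted string) with validating the raw path and passing it as one
// argv element. Assumes Symfony Process is installed via Composer.
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php';

use Symfony\Component\Process\Process;

/**
 * Hypothetical reconstruction of the broken ordering: escapeshellarg() runs
 * before is_executable(), so the check tests a filename that contains the
 * literal quote characters. No such file exists, so the "safe" branch never
 * runs and the raw $binary is what reaches the shell sink.
 */
function checkedAfterQuoting(string $binary): bool
{
    $quoted = escapeshellarg($binary);   // on POSIX: "'/usr/local/bin/weasyprint'"
    return is_executable($quoted);       // looks up a path that includes the quotes
}

/**
 * Hardened resolver: validate the unquoted path, then return it unchanged so
 * it can be handed to Process as an argv element. No shell parses it.
 */
function resolveBinary(string $binary): string
{
    if (!is_executable($binary)) {
        throw new InvalidArgumentException(
            sprintf('WeasyPrint binary "%s" is not executable', $binary)
        );
    }
    return $binary;
}

/** Build the WeasyPrint invocation with the array form of Process (no shell). */
function buildWeasyPrintProcess(string $binary, string $inputHtml, string $outputPdf): Process
{
    return new Process([resolveBinary($binary), $inputHtml, $outputPdf]);
}

// PHP_BINARY is a real executable on any host, so it shows the dead check:
// the raw path passes, the quoted path fails even though the binary is valid.
var_dump(is_executable(PHP_BINARY));
var_dump(checkedAfterQuoting(PHP_BINARY));

$process = buildWeasyPrintProcess(PHP_BINARY, 'input.html', 'output.pdf');
echo $process->getCommandLine(), PHP_EOL;   // Process quotes each argument itself
```

A configuration-sourced binary path that fails `is_executable()` is rejected before any command is built, and the array form of `Process` never hands the path to `/bin/sh`.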
Affected Packages
https://github.com/pontedilana/php-weasyprint.git (GITHUB):
Affected version(s): >=0.9.0 <2.5.1
Fix Suggestion: Update to version 2.5.1
pontedilana/php-weasyprint (PHP):
Affected version(s): >=0.9.0 <2.5.1
Fix Suggestion: Update to version 2.5.1
Additional Notes
The description of this vulnerability differs from MITRE.
CVSS v4
Base Score: 9.3
Attack Vector: LOCAL
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: HIGH
User Interaction: NONE
Vulnerable System Confidentiality: HIGH
Vulnerable System Integrity: HIGH
Vulnerable System Availability: HIGH
Subsequent System Confidentiality: HIGH
Subsequent System Integrity: HIGH
Subsequent System Availability: HIGH
CVSS v3
Base Score: 8.2
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: CHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH
Weakness Type (CWE): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
EPSS
Base Score: 0.15