tecnickcom/tcpdf Security Advisories for 6.0.070 (3)
-
[MEDIUM] TCPDF vulnerable to Regular Expression Denial of Service
PKSA-jwjn-w3mx-tq38 CVE-2024-22640 GHSA-mx3p-fhpw-x6rv
Affected version: <=6.7.4
Reported by:
GitHub -
[MEDIUM] TCPDF Cross-site Scripting vulnerability
PKSA-d3g2-dzgm-n74r CVE-2024-32489 GHSA-g9wg-98c2-qv3v
Affected version: <6.7.4
Reported by:
GitHub -
[CRITICAL] Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
PKSA-jvj8-gbfh-v875 CVE-2018-17057 GHSA-5hw4-m7f3-hhx8
Affected version: <6.2.22
Reported by:
GitHub, FriendsOfPHP/security-advisories