Search by 
PKSA-jvj8-gbfh-v875 Security Advisory
-
[CRITICAL] Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
PKSA-jvj8-gbfh-v875 CVE-2018-17057 GHSA-5hw4-m7f3-hhx8
Affected package: tecnickcom/tcpdf
Affected version: <6.2.22
Reported by:
GitHub, FriendsOfPHP/security-advisories