Lucene search
K

PT-2024-19516 · Tcpdf +1 · Tcpdf +1

🗓️ 19 Apr 2024 00:00:00Reported by Positive TechnologiesType 
ptsecurity
 ptsecurity
🔗 dbugs.ptsecurity.com👁 5 Views

TCPDF versions <= 6.6.5 are vulnerable to ReDoS via untrusted HTML parsing leading to denial of service.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2025-65875
3 Feb 202600:00
attackerkb
BDU FSTEC
The vulnerability of the PHP class for generating PDF documents, TCPDF, is related to the lack of protective measures for website structure. This allows attackers to perform cross-site scripting attacks.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP class tc-lib-pdf-font for generating PDF documents by TCPDF allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP class for generating PDF documents via TCPDF allows attackers to circumvent existing security restrictions.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP library TCPDF, related to the inefficient complexity of regular expressions, allows attackers to trigger a service failure.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP library TCPDF, related to the inefficient complexity of regular expressions, allows attackers to trigger a service failure.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP library TCPDF, related to the failure to remove script-related HTML tags from web pages, allows attackers to perform cross-site scripting (XSS) attacks.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP library TCPDF, related to files or directories accessible to external parties, allows attackers to gain access to confidential information.
8 Sep 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of the PHP library TCPDF, related to improper handling of input data during web page generation, allows attackers to execute arbitrary code.
8 Sep 202500:00
bdu_fstec
Circl
CVE-2024-22641
16 Aug 202411:16
circl
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

03 Jun 2025 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.17.5
EPSS0.01325
SSVC
5