9 matches found
EUVD-2024-3555
Malicious code in bioql PyPI...
EUVD-2024-3609
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-56520
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in tc-lib-pdf-font before 2.6.4, as used in TCPDF before 6.8.0 and other products. Fonts are mishandled, e.g., FontBBox for Type 1 and...
Linux Distros Unpatched Vulnerability : CVE-2024-56522
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != aka loose comparison and does not use a constant-time function to compare TCPDF tag...
Linux Distros Unpatched Vulnerability : CVE-2024-32489
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TCPDF before 6.7.4 mishandles calls that use HTML syntax. CVE-2024-32489 Note that Nessus relies on the presence of the package as reported by the vendor...
TCPDF lacks SVG sanitization
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
GHSA-9MGX-552F-59P6 TCPDF missing certificate validation
An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPTSSLVERIFYHOST and CURLOPTSSLVERIFYPEER are set unsafely...
CVE-2024-56522
An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != aka loose comparison and does not use a constant-time function to compare TCPDF tag hashes...
CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...