7 matches found
CVE-2024-56519
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute...
MGASA-2024-0361 Updated php-tcpdf packages fix security vulnerability
TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file. CVE-2024-22641...
CVE-2024-22641
TCPDF version 6.6.5 and before is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted SVG file...
CVE-2024-22640
TCPDF (PHP class for generating PDFs) is affected by CVE-2024-22640. The root cause is a Regular Expression Denial of Service in parsing untrusted HTML when a crafted color is processed, with affected versions reported as
CVE-2024-22640
TCPDF version =6.6.5 is vulnerable to ReDoS Regular Expression Denial of Service if parsing an untrusted HTML page with a crafted color...
CVE-2017-6100
tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP...
TCPDF 4.5.0364.9.5 - params Attribute Remote Code Execution
TCPDF 4.5.0364.9.5 - params Attribute Remote Code Execution source: https://www.securityfocus.com/bid/39315/info TCPDF is prone to a security weakness that may allow attackers to execute arbitrary code. An attacker can exploit this issue in conjunction with other latent vulnerabilities to execute...