Tcpdf Security Vulnerabilities and Issues — Tcpdf CVE List | Vulners.com

Lucene search

K

Tcpdf ProjectTcpdf

6 matches found

CVE•added 2024/12/27 6:15 a.m.•598 views

CVE-2024-56527

An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.

7.5CVSS7.2AI score0.00422EPSS

CVE•added 2024/05/28 9:16 p.m.•112 views

CVE-2024-22641

TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.

7.5CVSS6.7AI score0.10097EPSS

CVE•added 2024/04/19 4:15 p.m.•91 views

CVE-2024-22640

TCPDF version

7.5CVSS6.2AI score0.01324EPSS

CVE•added 2024/12/27 5:15 a.m.•68 views

CVE-2024-56519

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.

7.5CVSS7AI score0.00087EPSS

CVE•added 2024/12/27 5:15 a.m.•66 views

CVE-2024-56522

An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.

7.5CVSS6.9AI score0.00116EPSS

CVE•added 2017/02/23 7:59 p.m.•42 views

CVE-2017-6100

tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.

7.5CVSS7.4AI score0.0031EPSS