CVE-2018-17057
The CVE-2018-17057 issue affects TCPDF prior to 6.2.22, allowing attackers to trigger deserialization of arbitrary data through the phar:// wrapper. Documented impact includes remote code execution risk when processing manipulated inputs, with notable exposure via LimeSurvey relying on the TCPDF ...