Lucene search
Veracode Vulnerability DatabaseVERACODE:7492HistorySep 17, 2018 - 7:47 a.m.
Arbitrary Data Deserialization
2018-09-1707:47:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
EPSS
0.267
Percentile
96.8%
tecnickcom/tcpdf is vulnerable to arbitrary data deserialization attack. The attack is possible because it allows the user to input arbitrary data to deserialize using via the phar:// wrapper.
Related
friendsofphp
friendsofphp
zdt
zdt
LimeSurvey < 3.16 - Remote Code Execution Exploit
2019-04-02 00:00:00
TCPDF 6.2.19 Deserialization / Remote Code Execution Exploit
2019-03-25 00:00:00
contao
contao
Arbitrary code execution in TCPDF
2018-09-18 00:00:00
cve
cve
CVE-2018-17057
2018-09-14 20:29:00
prion
prion
Deserialization of untrusted data
2018-09-14 20:29:00
osv
osv
CVE-2018-17057
2018-09-14 20:29:00
TCPDF vulnerable to attackers triggering deserialization of arbitrary data
2022-10-06 19:53:20
github
github
TCPDF vulnerable to attackers triggering deserialization of arbitrary data
2022-10-06 19:53:20
packetstorm
packetstorm
LimeSurvey Deserialization Remote Code Execution
2019-04-02 00:00:00
TCPDF 6.2.19 Deserialization / Remote Code Execution
2019-03-22 00:00:00
debiancve
debiancve
CVE-2018-17057
2018-09-14 20:29:00
checkpoint_advisories
checkpoint_advisories
TCPDF Phar Insecure Deserialization (CVE-2018-17057)
2020-07-07 00:00:00
cvelist
cvelist
CVE-2018-17057
2018-09-14 20:00:00
ubuntucve
ubuntucve
CVE-2018-17057
2018-09-14 00:00:00
exploitpack
exploitpack
LimeSurvey 3.16 - Remote Code Execution
2019-04-02 00:00:00
exploitdb
exploitdb
LimeSurvey < 3.16 - Remote Code Execution
2019-04-02 00:00:00
nvd
nvd
CVE-2018-17057
2018-09-14 20:29:00
openvas
openvas
Moodle < 3.5.7, 3.6.x < 3.6.5, 3.7.x < 3.7.1 Multiple Vulnerabilities
2019-08-06 00:00:00