Filtered by vendor Tcpdf Project
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-6100 | 1 Tcpdf Project | 1 Tcpdf | 2025-04-20 | N/A |
| tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP. | ||||
| CVE-2024-56527 | 1 Tcpdf Project | 1 Tcpdf | 2025-04-17 | 7.5 High |
| An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message. | ||||
| CVE-2024-56522 | 1 Tcpdf Project | 1 Tcpdf | 2025-04-17 | 7.5 High |
| An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes. | ||||
| CVE-2024-22641 | 1 Tcpdf Project | 1 Tcpdf | 2025-02-13 | 7.5 High |
| TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. | ||||
| CVE-2024-51058 | 1 Tcpdf Project | 1 Tcpdf | 2024-11-26 | 6.2 Medium |
| Local File Inclusion (LFI) vulnerability has been discovered in TCPDF 6.7.5. This vulnerability enables a user to read arbitrary files from the server's file system through <img> src tag, potentially exposing sensitive information. | ||||
Page 1 of 1.