pkg:Debian/tcpdf

All known vulnerabilities

• CRITICAL9.8CVE-2024-56521TCPDF missing certificate validation
  from 0
• CRITICAL9.8CVE-2018-17057TCPDF vulnerable to attackers triggering deserialization of arbitrary data
  from 0, < 6.2.26+dfsg-1
• HIGH7.5CVE-2024-56527TCPDF missing character escape on error messages
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5TCPDF has incorrect comparison
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5TCPDF lacks SVG sanitization
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5TCPDF vulnerable to Regular Expression Denial of Service
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5TCPDF vulnerable to Regular Expression Denial of Service
  from 0, < 6.6.2+dfsg1-1+deb12u1
• HIGH7.5TCPDF vulnerable to Regular Expression Denial of Service
  from 0, < 6.3.5+dfsg1-1+deb11u1
• HIGH7.5tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.
  from 0, < 6.2.12+dfsg2-1
• HIGH7.3tecnickcom/tc-lib-pdf-font mishandles fonts
  from 0, < 6.3.5+dfsg1-1+deb11u1
• MEDIUM6.2TCPDF Local File Inclusion vulnerability
  from 0, < 6.3.5+dfsg1-1+deb11u1
• MEDIUM6.1TCPDF Cross-site Scripting vulnerability
  from 0, < 6.3.5+dfsg1-1+deb11u1