tecnickcom/tcpdf Security Advisories for 6.0.040 (8)
- 
                        [HIGH] TCPDF has incorrect comparisonPKSA-wb9y-hg45-chz4 CVE-2024-56522 GHSA-w95c-7994-ghpr Affected version: <6.8.0 Reported by: 
 GitHub
- 
                        [MEDIUM] TCPDF missing character escape on error messagesPKSA-ys59-hzk7-wxt5 CVE-2024-56527 GHSA-qx95-cwh6-9mvq Affected version: <6.8.0 Reported by: 
 GitHub
- 
                        [MEDIUM] TCPDF lacks SVG sanitizationPKSA-tdkc-7xrw-d14c CVE-2024-56519 GHSA-4p8j-vhjm-6pvw Affected version: <6.8.0 Reported by: 
 GitHub
- 
                        [HIGH] TCPDF missing certificate validationPKSA-98jj-zbnk-dgwp CVE-2024-56521 GHSA-9mgx-552f-59p6 Affected version: <6.8.0 Reported by: 
 GitHub
- 
                        [MEDIUM] TCPDF Local File Inclusion vulnerabilityPKSA-62dz-rc7r-pb8r CVE-2024-51058 GHSA-rmv2-8jjc-23xw Affected version: <=6.7.5 Reported by: 
 GitHub
- 
                        [MEDIUM] TCPDF vulnerable to Regular Expression Denial of ServicePKSA-jwjn-w3mx-tq38 CVE-2024-22640 GHSA-mx3p-fhpw-x6rv Affected version: <=6.7.4 Reported by: 
 GitHub
- 
                        [MEDIUM] TCPDF Cross-site Scripting vulnerabilityPKSA-d3g2-dzgm-n74r CVE-2024-32489 GHSA-g9wg-98c2-qv3v Affected version: <6.7.4 Reported by: 
 GitHub
- 
                        [CRITICAL] Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.PKSA-jvj8-gbfh-v875 CVE-2018-17057 GHSA-5hw4-m7f3-hhx8 Affected version: <6.2.22 Reported by: 
 GitHub, FriendsOfPHP/security-advisories