Release | Version |
---|---|
bullseye | 6.3.5+dfsg1-1 |
bookworm | 6.6.2+dfsg1-1 |
trixie | 6.7.5+dfsg-1 |
sid | 6.7.5+dfsg-1 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2024-32489 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | TCPDF before 6.7.4 mishandles calls that use HTML syntax. |
CVE-2024-22641 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Express ... |
CVE-2024-22640 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denia ... |
Bug | Description |
---|---|
TEMP-0000000-D91305 | tcpdf code execution via tcpdf tag |
CVE-2018-17057 | An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ... |
CVE-2017-6100 | tcpdf before 6.2.0 uploads files from the server generating PDF-files ... |