📦 Tcpdf
by Tcpdf Project
🔍 What is Tcpdf?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability in TCPDF before version 6.8.0 disables SSL certificate verification when libcurl is used, allowing man-in-the-middle attacks. Any application using TCPDF with libcurl for HTTPS conn...
This vulnerability in TCPDF allows cross-site scripting (XSS) attacks through unescaped error messages. Attackers can inject malicious scripts that execute when users view error pages. Any application...
This vulnerability in TCPPDF allows cross-site scripting (XSS) attacks via malicious SVG files. Attackers can inject JavaScript through the font-family attribute in SVG content, which executes when th...
TCPDF versions 6.6.5 and earlier contain a Regular Expression Denial of Service (ReDoS) vulnerability when processing untrusted SVG files. Attackers can craft malicious SVG files that cause excessive ...
TCPDF versions up to 6.6.5 contain a ReDoS vulnerability in color parsing that allows attackers to cause denial of service by providing specially crafted HTML with malicious color values. This affects...
A Local File Inclusion (LFI) vulnerability in TCPDF 6.7.5 allows attackers to read arbitrary files from the server's file system through malicious <img> src tags in PDF generation. This can expose sen...