Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/771237?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/771237?format=api", "purl": "pkg:composer/tecnickcom/tcpdf@6.7.8", "type": "composer", "namespace": "tecnickcom", "name": "tcpdf", "version": "6.7.8", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "6.8.0", "latest_non_vulnerable_version": "6.8.0", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42313?format=api", "vulnerability_id": "VCID-9w5p-pk6t-pkeb", "summary": "An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56521", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.4892", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.49056", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56521" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56521", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56521" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091687", "reference_id": "1091687", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091687" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0", "reference_id": "6.7.8...6.8.0", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-31T18:39:50Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/commit/aab43ab0a824e956276141a28a24c7c0be20f554", "reference_id": "aab43ab0a824e956276141a28a24c7c0be20f554", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-31T18:39:50Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/commit/aab43ab0a824e956276141a28a24c7c0be20f554" }, { "reference_url": "https://github.com/advisories/GHSA-9mgx-552f-59p6", "reference_id": "GHSA-9mgx-552f-59p6", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-9mgx-552f-59p6" }, { "reference_url": "https://tcpdf.org", "reference_id": "tcpdf.org", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "8.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-31T18:39:50Z/" } ], "url": "https://tcpdf.org" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372389?format=api", "purl": "pkg:composer/tecnickcom/tcpdf@6.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/tecnickcom/tcpdf@6.8.0" } ], "aliases": [ "CVE-2024-56521", "GHSA-9mgx-552f-59p6" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9w5p-pk6t-pkeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42419?format=api", "vulnerability_id": "VCID-mfyb-t5sz-g7ed", "summary": "An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37458", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37636", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56519" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56519", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56519" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091685", "reference_id": "1091685", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091685" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0", "reference_id": "6.7.8...6.8.0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-02T19:28:41Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/commit/c9f41cbb84880bdb4fc3e0a9d287214d1ac4d7f4", "reference_id": "c9f41cbb84880bdb4fc3e0a9d287214d1ac4d7f4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-02T19:28:41Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/commit/c9f41cbb84880bdb4fc3e0a9d287214d1ac4d7f4" }, { "reference_url": "https://github.com/advisories/GHSA-4p8j-vhjm-6pvw", "reference_id": "GHSA-4p8j-vhjm-6pvw", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4p8j-vhjm-6pvw" }, { "reference_url": "https://tcpdf.org", "reference_id": "tcpdf.org", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-02T19:28:41Z/" } ], "url": "https://tcpdf.org" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372389?format=api", "purl": "pkg:composer/tecnickcom/tcpdf@6.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/tecnickcom/tcpdf@6.8.0" } ], "aliases": [ "CVE-2024-56519", "GHSA-4p8j-vhjm-6pvw" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfyb-t5sz-g7ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42533?format=api", "vulnerability_id": "VCID-s9np-7v18-suc7", "summary": "An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56527", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.65101", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00469", "scoring_system": "epss", "scoring_elements": "0.65001", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56527", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56527" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56527", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56527" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091689", "reference_id": "1091689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091689" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1", "reference_id": "11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-28T18:33:19Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0", "reference_id": "6.7.8...6.8.0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-28T18:33:19Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0" }, { "reference_url": "https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962add", "reference_id": "analysis-of-cve-2024-56527-dbdab6962add", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-28T18:33:19Z/" } ], "url": "https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962add" }, { "reference_url": "https://github.com/advisories/GHSA-qx95-cwh6-9mvq", "reference_id": "GHSA-qx95-cwh6-9mvq", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-qx95-cwh6-9mvq" }, { "reference_url": "https://tcpdf.org", "reference_id": "tcpdf.org", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "4.8", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-28T18:33:19Z/" } ], "url": "https://tcpdf.org" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372389?format=api", "purl": "pkg:composer/tecnickcom/tcpdf@6.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/tecnickcom/tcpdf@6.8.0" } ], "aliases": [ "CVE-2024-56527", "GHSA-qx95-cwh6-9mvq" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s9np-7v18-suc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42418?format=api", "vulnerability_id": "VCID-xsde-1m6b-j7ds", "summary": "An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56522", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36166", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35986", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56522" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56522", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56522" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56522", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-56522" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091688", "reference_id": "1091688", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091688" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0", "reference_id": "6.7.8...6.8.0", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-30T15:54:25Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0" }, { "reference_url": "https://github.com/tecnickcom/TCPDF/commit/d54b97cec33f4f1a5ad81119a82085cad93cec89", "reference_id": "d54b97cec33f4f1a5ad81119a82085cad93cec89", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-30T15:54:25Z/" } ], "url": "https://github.com/tecnickcom/TCPDF/commit/d54b97cec33f4f1a5ad81119a82085cad93cec89" }, { "reference_url": "https://github.com/advisories/GHSA-w95c-7994-ghpr", "reference_id": "GHSA-w95c-7994-ghpr", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-w95c-7994-ghpr" }, { "reference_url": "https://tcpdf.org", "reference_id": "tcpdf.org", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-30T15:54:25Z/" } ], "url": "https://tcpdf.org" }, { "reference_url": "https://www.php.net/manual/en/types.comparisons.php", "reference_id": "types.comparisons.php", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-12-30T15:54:25Z/" } ], "url": "https://www.php.net/manual/en/types.comparisons.php" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/372389?format=api", "purl": "pkg:composer/tecnickcom/tcpdf@6.8.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/tecnickcom/tcpdf@6.8.0" } ], "aliases": [ "CVE-2024-56522", "GHSA-w95c-7994-ghpr" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsde-1m6b-j7ds" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:composer/tecnickcom/tcpdf@6.7.8" }