Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:composer/tecnickcom/tcpdf@6.0.025
purl pkg:composer/tecnickcom/tcpdf@6.0.025
Next non-vulnerable version 6.8.0
Latest non-vulnerable version 6.8.0
Risk 10.0
Vulnerabilities affecting this package (8)
Vulnerability Summary Fixed by
VCID-4kg7-j9zb-9ude
Aliases:
CVE-2024-56527
GHSA-qx95-cwh6-9mvq
6.8.0
Affected by 0 other vulnerabilities.
VCID-659t-wh1f-w7gw
Aliases:
CVE-2024-32489
GHSA-g9wg-98c2-qv3v
TCPDF Cross-site Scripting vulnerability TCPDF before 6.7.4 mishandles calls that use HTML syntax.
6.7.4
Affected by 6 other vulnerabilities.
VCID-9pb4-hjuy-pfa2
Aliases:
CVE-2024-51058
GHSA-rmv2-8jjc-23xw
6.7.6
Affected by 4 other vulnerabilities.
VCID-9x1s-t1eb-e3f7
Aliases:
CVE-2024-56521
GHSA-9mgx-552f-59p6
6.8.0
Affected by 0 other vulnerabilities.
VCID-h727-kak7-wfbr
Aliases:
CVE-2024-56519
GHSA-4p8j-vhjm-6pvw
6.8.0
Affected by 0 other vulnerabilities.
VCID-mtfb-keam-rbcj
Aliases:
CVE-2024-56522
GHSA-w95c-7994-ghpr
6.8.0
Affected by 0 other vulnerabilities.
VCID-tkxb-gdhj-hyb6
Aliases:
CVE-2024-22640
GHSA-mx3p-fhpw-x6rv
TCPDF vulnerable to Regular Expression Denial of Service TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
6.7.5
Affected by 5 other vulnerabilities.
VCID-yagk-nmcx-d3bv
Aliases:
CVE-2018-17057
GHSA-5hw4-m7f3-hhx8
Deserialization of Untrusted Data Attackers can trigger deserialization of arbitrary data via the `phar://` wrapper.
6.2.22
Affected by 7 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-01T08:27:25.053482+00:00 GitLab Importer Affected by VCID-mtfb-keam-rbcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56522.yml 38.6.0
2026-06-01T08:27:24.036498+00:00 GitLab Importer Affected by VCID-9x1s-t1eb-e3f7 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56521.yml 38.6.0
2026-06-01T08:27:23.282791+00:00 GitLab Importer Affected by VCID-4kg7-j9zb-9ude https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56527.yml 38.6.0
2026-06-01T08:27:22.546238+00:00 GitLab Importer Affected by VCID-h727-kak7-wfbr https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56519.yml 38.6.0
2026-06-01T08:24:47.626522+00:00 GitLab Importer Affected by VCID-9pb4-hjuy-pfa2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-51058.yml 38.6.0
2026-06-01T07:59:36.372340+00:00 GitLab Importer Affected by VCID-tkxb-gdhj-hyb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-22640.yml 38.6.0
2026-06-01T07:58:40.678892+00:00 GitLab Importer Affected by VCID-659t-wh1f-w7gw https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-32489.yml 38.6.0
2026-05-31T09:49:28.215820+00:00 GitLab Importer Affected by VCID-yagk-nmcx-d3bv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2018-17057.yml 38.6.0