VulnerableCode Package Details - pkg:composer/tecnickcom/tcpdf@6.8.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-9w5p-pk6t-pkeb	An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.	CVE-2024-56521 GHSA-9mgx-552f-59p6
VCID-mfyb-t5sz-g7ed	An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.	CVE-2024-56519 GHSA-4p8j-vhjm-6pvw
VCID-s9np-7v18-suc7	An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.	CVE-2024-56527 GHSA-qx95-cwh6-9mvq
VCID-xsde-1m6b-j7ds	An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.	CVE-2024-56522 GHSA-w95c-7994-ghpr

Vulnerability

Summary

Aliases

VCID-9w5p-pk6t-pkeb

An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.

CVE-2024-56521
GHSA-9mgx-552f-59p6

VCID-mfyb-t5sz-g7ed

An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not sanitize the SVG font-family attribute.

CVE-2024-56519
GHSA-4p8j-vhjm-6pvw

VCID-s9np-7v18-suc7

An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.

CVE-2024-56527
GHSA-qx95-cwh6-9mvq

VCID-xsde-1m6b-j7ds

An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses != (aka loose comparison) and does not use a constant-time function to compare TCPDF tag hashes.

CVE-2024-56522
GHSA-w95c-7994-ghpr

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T19:48:51.938225+00:00	GitLab Importer	Fixing	VCID-xsde-1m6b-j7ds	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56522.yml	38.6.0
2026-06-12T19:48:50.956176+00:00	GitLab Importer	Fixing	VCID-9w5p-pk6t-pkeb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56521.yml	38.6.0
2026-06-12T19:48:50.289862+00:00	GitLab Importer	Fixing	VCID-s9np-7v18-suc7	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56527.yml	38.6.0
2026-06-12T19:48:49.614511+00:00	GitLab Importer	Fixing	VCID-mfyb-t5sz-g7ed	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/tecnickcom/tcpdf/CVE-2024-56519.yml	38.6.0
2026-06-12T07:41:46.180043+00:00	GithubOSV Importer	Fixing	VCID-mfyb-t5sz-g7ed	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-4p8j-vhjm-6pvw/GHSA-4p8j-vhjm-6pvw.json	38.6.0
2026-06-12T07:41:44.138627+00:00	GithubOSV Importer	Fixing	VCID-xsde-1m6b-j7ds	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-w95c-7994-ghpr/GHSA-w95c-7994-ghpr.json	38.6.0
2026-06-12T07:41:39.443184+00:00	GithubOSV Importer	Fixing	VCID-s9np-7v18-suc7	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-qx95-cwh6-9mvq/GHSA-qx95-cwh6-9mvq.json	38.6.0
2026-06-12T07:41:39.305821+00:00	GithubOSV Importer	Fixing	VCID-9w5p-pk6t-pkeb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-9mgx-552f-59p6/GHSA-9mgx-552f-59p6.json	38.6.0