CVE-2024-56527
7.5HIGHAn issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.
Published: 12/27/2024Updated: 11/3/2025
Description
An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message.
AI AnalysisPowered by AI
Affected Products
tcpdf_projecttcpdf
References
- https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962addExploitThird Party Advisory
- https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1Patch
- https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0Issue Tracking
- https://tcpdf.orgProduct
- https://lists.debian.org/debian-lts-announce/2025/06/msg00004.html