Security Advisories - spoonity/tcpdf - Packagist

spoonity/tcpdf Security Advisories for 6.2.9 (1)

[CRITICAL] Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.

PKSA-ccg9-cmkt-b4jm CVE-2018-17057 GHSA-5hw4-m7f3-hhx8

Affected version: <6.2.22

Reported by:
GitHub, FriendsOfPHP/security-advisories