CVE-2024-56521

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-56521

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-56521.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-56521

Aliases

GHSA-9mgx-552f-59p6

Related

Published

2024-12-27T05:15:07Z

Modified

2025-02-18T23:56:16.327555Z

Summary

[none]

Details

An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPTSSLVERIFYHOST and CURLOPTSSLVERIFYPEER are set unsafely.

References

Affected packages

Debian:11 / tcpdf

Package

Name: tcpdf
Purl: pkg:deb/debian/tcpdf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.3.5+dfsg1-1

6.4.2+dfsg1-1

6.4.4+dfsg1-1

6.5.0+dfsg1-1~bpo10+1

6.5.0+dfsg1-1

6.6.0+dfsg1-1

6.6.2+dfsg1-1~bpo11+1

6.6.2+dfsg1-1

6.6.3+dfsg1-1

6.6.5+dfsg-1

6.7.4+dfsg-1

6.7.5+dfsg-1

6.7.7+dfsg-1

6.8.0+dfsg-1~bpo12+1

6.8.0+dfsg-1

6.8.2+dfsg-1~bpo12+1

6.8.2+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / tcpdf

Package

Name: tcpdf
Purl: pkg:deb/debian/tcpdf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.6.2+dfsg1-1

6.6.3+dfsg1-1

6.6.5+dfsg-1

6.7.4+dfsg-1

6.7.5+dfsg-1

6.7.7+dfsg-1

6.8.0+dfsg-1~bpo12+1

6.8.0+dfsg-1

6.8.2+dfsg-1~bpo12+1

6.8.2+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / tcpdf

Package

Name: tcpdf
Purl: pkg:deb/debian/tcpdf?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.8.0+dfsg-1

Affected versions

6.*

6.6.2+dfsg1-1

6.6.3+dfsg1-1

6.6.5+dfsg-1

6.7.4+dfsg-1

6.7.5+dfsg-1

6.7.7+dfsg-1

6.8.0+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/tecnickcom/tcpdf

Affected ranges

Type: GIT
Repo: https://github.com/tecnickcom/tcpdf
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

aab43ab0a824e956276141a28a24c7c0be20f554

Affected versions

6.*

6.0.013

6.0.014

6.0.015

6.0.016

6.0.017

6.0.018

6.0.019

6.0.020

6.0.021

6.0.022

6.0.023

6.0.024

6.0.025

6.0.026

6.0.027

6.0.028

6.0.029

6.0.030

6.0.031

6.0.032

6.0.033

6.0.034

6.0.035

6.0.036

6.0.037

6.0.038

6.0.039

6.0.040

6.0.041

6.0.042

6.0.043

6.0.044

6.0.045

6.0.046

6.0.047

6.0.048

6.0.049

6.0.050

6.0.051

6.0.052

6.0.053

6.0.054

6.0.055

6.0.056

6.0.057

6.0.058

6.0.059

6.0.060

6.0.061

6.0.062

6.0.063

6.0.064

6.0.065

6.0.066

6.0.067

6.0.068

6.0.069

6.0.070

6.0.071

6.0.072

6.0.073

6.0.074

6.0.075

6.0.076

6.0.077

6.0.078

6.0.079

6.0.080

6.0.081

6.0.082

6.0.083

6.0.084

6.0.085

6.0.086

6.0.087

6.0.088

6.0.089

6.0.090

6.0.091

6.0.092

6.0.093

6.0.094

6.0.095

6.0.096

6.0.097

6.0.098

6.0.099

6.1.0

6.1.1

6.2.0

6.2.1

6.2.10

6.2.11

6.2.12

6.2.13

6.2.16

6.2.17

6.2.19

6.2.2

6.2.20

6.2.21

6.2.22

6.2.23

6.2.25

6.2.26

6.2.3

6.2.4

6.2.5

6.2.6

6.2.7

6.2.8

6.2.9

6.3.0

6.3.1

6.3.2

6.3.3

6.3.4

6.3.5

6.4.0

6.4.1

6.4.2

6.4.3

6.4.4

6.5.0

6.6.0

6.6.1

6.6.2

6.7.4

6.7.5

6.7.6

6.7.7

6.7.8

Other

OLDv6