fossar/tcpdf-parser Security Advisories for 6.2.8 (1)
-
Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
PKSA-9cfd-hnsv-zq3v CVE-2018-17057
Affected version: <6.2.22
Reported by:
FriendsOfPHP/security-advisories