VDB

GCVE-110-MAGEIA-2017-67

GCVE-110-MAGEIA-2017-67
Advisory Published
Vulnetix · Advisory published February 26, 2017
A local file inclusion vulnerability in TCPDF allows to upload files from the server generating PDF files to an external FTP server (CVE-2017-6100). The updated php-tcpdf-6.0.098-1.1.mga5 package fixes this issue by setting K_TCPDF_CALLS_IN_HTML configuration parameter to false by default.

Affected Products

VendorProductVersionsPlatforms
Mageiaphp-tcpdf0 (affected), 6.0.098-1.1.mga5 (unaffected), 6.0.098-1.1.mga5 (unaffected), 0 (affected)
Mageiaguvcview0 (affected), 2.0.5-4.1.mga6 (unaffected)

Browse GCVE Records

72,337 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›