VDB
GCVE-110-MAGEIA-2025-59
GCVE-110-MAGEIA-2025-59
Advisory Published
An issue was discovered in TCPDF before 6.8.0. setSVGStyles does not
sanitize the SVG font-family attribute. (CVE-2024-56519)
An issue was discovered in TCPDF before 6.8.0. If libcurl is used,
CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.
(CVE-2024-56521)
An issue was discovered in TCPDF before 6.8.0. unserializeTCPDFtag uses
!= (aka loose comparison) and does not use a constant-time function to
compare TCPDF tag hashes. (CVE-2024-56522)
An issue was discovered in TCPDF before 6.8.0. The Error function lacks
an htmlspecialchars call for the error message. (CVE-2024-56527)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | php-tcpdf | 0 (affected), 6.5.0-1.3.mga9 (unaffected), 0 (affected), 6.5.0-1.3.mga9 (unaffected) | — |
| Mageia | libvirt | 0 (affected), 9.10.0-1.mga9 (unaffected) | — |
References
Updated libvirt packages fix bug
advisory
Browse GCVE Records
73,442 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.