| Bug | jessie | stretch | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2024-32489 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | TCPDF before 6.7.4 mishandles calls that use HTML syntax. |
| CVE-2024-22641 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Express ... |
| CVE-2024-22640 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denia ... |
| CVE-2018-17057 | vulnerable (no DSA, ignored) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in TCPDF before 6.2.22. Attackers can trigger ... |