← All advisories

High severityNVD Advisory· Published Dec 27, 2024· Updated Mar 24, 2025

CVE-2024-56521

CVE-2024-56521

Description

An issue was discovered in TCPDF before 6.8.0. If libcurl is used, CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER are set unsafely.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
tecnickcom/tcpdfPackagist	< 6.8.0	6.8.0

Affected products

2

ghsa-coords
pkg:composer/tecnickcom/tcpdf
Range: < 6.8.0
tecnick/tcpdfv5
Range: 0

Patches

Vulnerability mechanics

References

5

github.com/advisories/GHSA-9mgx-552f-59p6ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2024-56521ghsaADVISORY
github.com/tecnickcom/TCPDF/commit/aab43ab0a824e956276141a28a24c7c0be20f554ghsaWEB
github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0ghsaWEB
tcpdf.orgghsaWEB

News mentions

0

No linked articles in our index yet.