{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-56527", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-12-27T15:10:22.945Z", "dateReserved": "2024-12-27T00:00:00", "datePublished": "2024-12-27T00:00:00"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "tcpdf", "vendor": "tecnick", "versions": [{"lessThan": "6.8.0", "status": "affected", "version": "0", "versionType": "semver"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:tecnick:tcpdf:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.8.0"}]}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-12-27T15:10:22.945Z"}, "references": [{"url": "https://tcpdf.org"}, {"url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0"}, {"url": "https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1"}, {"url": "https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962add"}], "x_generator": {"engine": "enrichogram 0.0.1"}}}, "dataVersion": "5.1"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in TCPDF before 6.8.0. The Error function lacks an htmlspecialchars call for the error message."}], "id": "CVE-2024-56527", "lastModified": "2024-12-27T15:15:13.580", "metrics": {}, "published": "2024-12-27T06:15:23.880", "references": [{"source": "cve@mitre.org", "url": "https://andrea0.medium.com/analysis-of-cve-2024-56527-dbdab6962add"}, {"source": "cve@mitre.org", "url": "https://github.com/tecnickcom/TCPDF/commit/11778aaa2d9e30a9ae1c1ee97ff349344f0ad6e1"}, {"source": "cve@mitre.org", "url": "https://github.com/tecnickcom/TCPDF/compare/6.7.8...6.8.0"}, {"source": "cve@mitre.org", "url": "https://tcpdf.org"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "cve@mitre.org", "type": "Secondary"}]}

{}