Dependency Graph
View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
14824 | Bug reports | Security | public | 2019-04-30 08:55 | 2019-04-30 09:22 |
Reporter | bewi | Assigned To | c_schmitz | ||
Priority | none | Severity | minor | ||
Status | closed | Resolution | duplicate | ||
Product Version | 3.17.x | ||||
Fixed in Version | 3.17.x | ||||
Summary | 14824: old version of TCPDF | ||||
Description | An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper. | ||||
Tags | No tags attached. | ||||
Bug heat | 250 | ||||
Complete LimeSurvey version number (& build) | Version 3.17.1+190408 | ||||
I will donate to the project if issue is resolved | No | ||||
Browser | |||||
Database type & version | * | ||||
Server OS (if known) | |||||
Webserver software & version (if known) | |||||
PHP Version | * | ||||
duplicate of | 14670 | closed | DenisChenu | Remote Code Execution in Limesurvey <= 3.16.x via Deserialization Attack in "tcpdf" |
Date Modified | Username | Field | Change |
---|---|---|---|
2019-04-30 08:55 | bewi | New Issue | |
2019-04-30 09:22 | c_schmitz | Relationship added | duplicate of 14670 |
2019-04-30 09:22 | c_schmitz | Assigned To | => c_schmitz |
2019-04-30 09:22 | c_schmitz | Status | new => closed |
2019-04-30 09:22 | c_schmitz | Resolution | open => duplicate |
2019-04-30 09:22 | c_schmitz | Fixed in Version | => 3.17.x |