{"id":"CVE-2017-6100","details":"tcpdf before 6.2.0 uploads files from the server generating PDF-files to an external FTP.","modified":"2026-04-16T06:25:06.382097764Z","published":"2017-02-23T19:59:00.153Z","references":[{"type":"FIX","url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814030"},{"type":"FIX","url":"https://sourceforge.net/p/tcpdf/bugs/1005/"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2017/02/19/1"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tecnickcom/tcpdf","events":[{"introduced":"0"},{"last_affected":"3d5921442e7adde1ce225104118bc246a1933c65"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.1.1"}]}}],"versions":["6.0.013","6.0.014","6.0.015","6.0.016","6.0.017","6.0.018","6.0.019","6.0.020","6.0.021","6.0.022","6.0.023","6.0.024","6.0.025","6.0.026","6.0.027","6.0.028","6.0.029","6.0.030","6.0.031","6.0.032","6.0.033","6.0.034","6.0.035","6.0.036","6.0.037","6.0.038","6.0.039","6.0.040","6.0.041","6.0.042","6.0.043","6.0.044","6.0.045","6.0.046","6.0.047","6.0.048","6.0.049","6.0.050","6.0.051","6.0.052","6.0.053","6.0.054","6.0.055","6.0.056","6.0.057","6.0.058","6.0.059","6.0.060","6.0.061","6.0.062","6.0.063","6.0.064","6.0.065","6.0.066","6.0.067","6.0.068","6.0.069","6.0.070","6.0.071","6.0.072","6.0.073","6.0.074","6.0.075","6.0.076","6.0.077","6.0.078","6.0.079","6.0.080","6.0.081","6.0.082","6.0.083","6.0.084","6.0.085","6.0.086","6.0.087","6.0.088","6.0.089","6.0.090","6.0.091","6.0.092","6.0.093","6.0.094","6.0.095","6.0.096","6.0.097","6.0.098","6.0.099","6.1.0","6.1.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6100.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}