
Test ID: 1.3.6.1.4.1.25623.1.1.9.2024.9710210110199977299101
Category: Fedora Local Security Checks
Title: Fedora: Security Advisory (FEDORA-2024-afeeca72ce)
Summary: The remote host is missing an update for the 'php-tcpdf' package(s) announced via the FEDORA-2024-afeeca72ce advisory.
Description:

Vulnerability Insight:
**Version 6.7.7** (2024-10-26)

- Update regular expression to avoid ReDoS (**CVE-2024-22641**)
- [PHP 8.4] Fix: Curl CURLOPT_BINARYTRANSFER deprecated #675
- SVG detection fix for inline data images #646
- Fix count svg #647
- Since the version 6.7.4, the '0' is considered like empty string and not displayed
- Fixed handling of transparency in PDF/A mode in addExtGState method
- Encrypt /DA string when document is encrypted
- Improve quality of generated seed, avoid potential security pitfall
- Try to use random_bytes() first if it's available
- Do not include the server parameters in the generated seed, as they might contain sensitive data
- Fix bug on _getannotsrefs when there are empty signature appearances but not other annot on a page
- Fix SVG coordinate parser that caused drawing artifacts
- Remove usage of xml_set_object() function

Affected Software/OS:
'php-tcpdf' package(s) on Fedora 40.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2024-22641
Copyright: Copyright (C) 2024 Greenbone AG
