CVE-2025-65875

CVSS 8.8 HIGHEPSS 0.4%CWE-434

An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://advisories.gitlab.com/pkg/composer/tecnickcom/tc-lib-pdf-font/CVE-2024-56520/https://github.com/Setasign/FPDF http://www.fpdf.org