CVE-2025-65875

CVSS 8.8 HIGHEPSS 0.4%CWE-434

An arbitrary file upload vulnerability in the AddFont() function of FPDF v1.86 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file.

CVSS:3.1/AC:L/AV:N/A:H/C:H/I:H/PR:L/S:U/UI:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://advisories.gitlab.com/pkg/composer/tecnickcom/tc-lib-pdf-font/CVE-2024-56520/https://github.com/Setasign/FPDF http://www.fpdf.org