2018-09-14 20:00:00
mitre
PUBLISHED
An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.