CNNVD-202602-354 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-354
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
FPDF是Setasign GmbH & Co. KG开源的一个PDF文件生成工具。 FPDF 1.86及之前版本存在安全漏洞,该漏洞源于AddFont函数存在任意文件上传,可能导致执行任意代码。
Description (English)
FPDF is a PDF file generation tool for Setasign GmbH & Co. KG open source. There is a security loophole in the FPDF 1.86 and earlier versions, which stems from the fact that the AddFont function has any file upload that could lead to the enforcement of any code.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Setasign GmbH & Co. KG
Published
2026-02-03
Last Modified
2026-02-24
References
http://www.fpdf.org https://advisories.gitlab.com/pkg/composer/tecnickcom/tc-lib-pdf-font/CVE-2024-56520/ https://github.com/Setasign/FPDF
Share on: