{"package":"spoonity/tcpdf","ecosystem":"composer","latest_version":"6.2.12","description":"TCPDF is a PHP class for generating PDF documents and barcodes.","license":"LGPLv3","license_risk":"weak_copyleft","commercial_use_notes":"LGPL: dynamic linking from closed-source is OK; static linking triggers source disclosure.","homepage":"http://www.tcpdf.org/","repository":"https://github.com/Spoonity/TCPDF","downloads_weekly":0,"health":{"score":32,"risk":"critical","breakdown":{"maintenance":0,"popularity":0,"security":15,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":1,"high":0,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2018-17057","severity":"critical","summary":"TCPDF vulnerable to attackers triggering deserialization of arbitrary data","affected_versions":"<6.2.22|<6.2.22|<6.2.22|<6.2.22|=6.0.013|=6.0.014|=6.0.015|=6.0.016|=6.0.017|=6.0.018|=6.0.019|=6.0.020|=6.0.021|=6.0.022|=6.0.023|=6.0.024|=6.0.025|=6.0.026|=6.0.027|=6.0.028|=6.0.029|=6.0.030|=6.0.031|=6.0.032|=6.0.033|=6.0.034|=6.0.035|=6.0.036|=6.0.037|=6.0.038|=6.0.039|=6.0.040|=6.0.041|=6.0.042|=6.0.043|=6.0.044|=6.0.045|=6.0.046|=6.0.047|=6.0.048|=6.0.049|=6.0.050|=6.0.051|=6.0.052|=6.0.053|=6.0.054|=6.0.055|=6.0.056|=6.0.057|=6.0.058|=6.0.059|=6.0.060|=6.0.061|=6.0.062|=6.0.063|=6.0.064|=6.0.065|=6.0.066|=6.0.067|=6.0.068|=6.0.069|=6.0.070|=6.0.071|=6.0.072|=6.0.073|=6.0.074|=6.0.075|=6.0.076|=6.0.077|=6.0.078|=6.0.079|=6.0.080|=6.0.081|=6.0.082|=6.0.083|=6.0.084|=6.0.085|=6.0.086|=6.0.087|=6.0.088|=6.0.089|=6.0.090|=6.0.091|=6.0.092|=6.0.093|=6.0.094|=6.0.095|=6.0.096|=6.0.097|=6.0.098|=6.0.099|=6.1.0|=6.1.1|=6.2.0|=6.2.1|=6.2.10|=6.2.11|=6.2.12|=6.2.13|=6.2.16|=6.2.17|=6.2.19|=6.2.2|=6.2.20|=6.2.21|=6.2.3|=6.2.4|=6.2.5|=6.2.6|=6.2.7|=6.2.8|=6.2.9|=6.0.013|=6.0.014|=6.0.015|=6.0.016|=6.0.017|=6.0.018|=6.0.019|=6.0.020|=6.0.021|=6.0.022|=6.0.023|=6.0.024|=6.0.025|=6.0.026|=6.0.027|=6.0.028|=6.0.029|=6.0.030|=6.0.031|=6.0.032|=6.0.033|=6.0.034|=6.0.035|=6.0.036|=6.0.037|=6.0.038|=6.0.039|=6.0.040|=6.0.041|=6.0.042|=6.0.043|=6.0.044|=6.0.045|=6.0.046|=6.0.047|=6.0.048|=6.0.049|=6.0.050|=6.0.051|=6.0.052|=6.0.053|=6.0.054|=6.0.055|=6.0.056|=6.0.057|=6.0.058|=6.0.059|=6.0.060|=6.0.061|=6.0.062|=6.0.063|=6.0.064|=6.0.065|=6.0.066|=6.0.067|=6.0.068|=6.0.069|=6.0.070|=6.0.071|=6.0.072|=6.0.073|=6.0.074|=6.0.075|=6.0.076|=6.0.077|=6.0.078|=6.0.079|=6.0.080|=6.0.081|=6.0.082|=6.0.083|=6.0.084|=6.0.085|=6.0.086|=6.0.087|=6.0.088|=6.0.089|=6.0.090|=6.0.091|=6.0.092|=6.0.093|=6.0.094|=6.0.095|=6.0.096|=6.0.097|=6.0.098|=6.0.099|=6.1.0|=6.1.1|=6.2.0|=6.2.1|=6.2.10|=6.2.11|=6.2.12|=6.2.13|=6.2.2|=6.2.3|=6.2.4|=6.2.5|=6.2.6|=6.2.7|=6.2.8|=6.2.9|=6.0.013|=6.0.014|=6.0.015|=6.0.016|=6.0.017|=6.0.018|=6.0.019|=6.0.020|=6.0.021|=6.0.022|=6.0.023|=6.0.024|=6.0.025|=6.0.026|=6.0.027|=6.0.028|=6.0.029|=6.0.030|=6.0.031|=6.0.032|=6.0.033|=6.0.034|=6.0.035|=6.0.036|=6.0.037|=6.0.038|=6.0.039|=6.0.040|=6.0.041|=6.0.042|=6.0.043|=6.0.044|=6.0.045|=6.0.046|=6.0.047|=6.0.048|=6.0.049|=6.0.050|=6.0.051|=6.0.052|=6.0.053|=6.0.054|=6.0.055|=6.0.056|=6.0.057|=6.0.058|=6.0.059|=6.0.060|=6.0.061|=6.0.062|=6.0.063|=6.0.064|=6.0.065|=6.0.066|=6.0.067|=6.0.068|=6.0.069|=6.0.070|=6.0.071|=6.0.072|=6.0.073|=6.0.074|=6.0.075|=6.0.076|=6.0.077|=6.0.078|=6.0.079|=6.0.080|=6.0.081|=6.0.082|=6.0.083|=6.0.084|=6.0.085|=6.0.086|=6.0.087|=6.0.088|=6.0.089|=6.0.090|=6.0.091|=6.0.092|=6.0.093|=6.0.094|=6.0.095|=6.0.096|=6.0.097|=6.0.098|=6.0.099|=6.1.0|=6.1.1|=6.2.0|=6.2.1|=6.2.10|=6.2.11|=6.2.12|=6.2.13|=6.2.14|=6.2.2|=6.2.3|=6.2.4|=6.2.5|=6.2.6|=6.2.7|=6.2.8|=6.2.9|=6.0.013|=6.0.014|=6.0.015|=6.0.016|=6.0.017|=6.0.018|=6.0.019|=6.0.020|=6.0.021|=6.0.022|=6.0.023|=6.0.024|=6.0.025|=6.0.026|=6.0.027|=6.0.028|=6.0.029|=6.0.030|=6.0.031|=6.0.032|=6.0.033|=6.0.034|=6.0.035|=6.0.036|=6.0.037|=6.0.038|=6.0.039|=6.0.040|=6.0.041|=6.0.042|=6.0.043|=6.0.044|=6.0.045|=6.0.046|=6.0.047|=6.0.048|=6.0.049|=6.0.050|=6.0.051|=6.0.052|=6.0.053|=6.0.054|=6.0.055|=6.0.056|=6.0.057|=6.0.058|=6.0.059|=6.0.060|=6.0.061|=6.0.062|=6.0.063|=6.0.064|=6.0.065|=6.0.066|=6.0.067|=6.0.068|=6.0.069|=6.0.070|=6.0.071|=6.0.072|=6.0.073|=6.0.074|=6.0.075|=6.0.076|=6.0.077|=6.0.078|=6.0.079|=6.0.080|=6.0.081|=6.0.082|=6.0.083|=6.0.084|=6.0.085|=6.0.086|=6.0.087|=6.0.088|=6.0.089|=6.0.090|=6.0.091|=6.0.092|=6.0.093|=6.0.094|=6.0.095|=6.0.096|=6.0.097|=6.0.098|=6.0.099|=6.1.0|=6.1.1|=6.2.0|=6.2.1|=6.2.10|=6.2.11|=6.2.12|=6.2.2|=6.2.3|=6.2.4|=6.2.5|=6.2.6|=6.2.7|=6.2.8|=6.2.9","fixed_version":"6.2.22","source":"osv","published_at":"2022-10-06T19:53:20Z","in_kev":false,"epss_prob":0.52126,"epss_percentile":0.97932,"threat_tier":"likely_exploited"}],"actively_exploited_count":0,"likely_exploited_count":1},"versions":{"latest":"6.2.12","total_count":102,"recent":["6.2.12","6.2.11","6.2.10","6.2.9","6.2.8","6.2.7","6.2.6","6.2.5","6.2.4","6.2.3","6.2.2","6.2.1","6.2.0","6.1.1","6.1.0","6.0.099","6.0.098","6.0.097","6.0.096","6.0.095"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":null,"last_published":"2015-09-12T10:08:34+00:00","dependencies_count":1,"dependencies":["php"]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"do_not_use","issues":["Low health score (32/100)","1 critical vulnerabilities"],"use_version":"6.2.12","version_hint":"Update to >= 6.2.22 to fix known vulnerabilities","summary":"spoonity/tcpdf has critical vulnerabilities — do not use"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":371,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":3883,"avg_days_between_releases":null,"release_velocity":"stale"}}