PT-2025-31943 · Fpdi+1
N0Zom1Z0 · Published 2025-08-05 · Updated 2025-08-06 · CVE-2025-54869
CVSS v4.0: 6.0 (Medium)
Vector: AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
FPDI versions 2.6.2 and below
Description
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. A malicious PDF file can cause a server-side script to crash due to memory exhaustion, leading to a Denial of Service (DoS). Repeated attacks can lead to sustained service unavailability.
Recommendations
Update to version 2.6.3 or later.
Exploit
Fix
DoS
Allocation of Resources Without Limits
Affected Products
Debian
Fpdi