Vulnerability Database
289,871
Total vulnerabilities in the database
CVE-2024-22640
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
| Software | From | Fixed in |
|---|---|---|
tecnickcom / tcpdf
|
- | 6.7.5 |
| tcpdf_project / tcpdf | - | 6.7.4.x |
| fedoraproject / fedora | 40 | 40.x |
- https://github.com/tecnickcom/TCPDF
- https://github.com/tecnickcom/TCPDF/commit/05f3a28f4a7905019469e040cf77e53d6aa7f679
- https://github.com/zunak/CVE-2024-22640
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIB3R2WB7XPW2I4PGVMZ3VLFLRHOK4RB
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIB3R2WB7XPW2I4PGVMZ3VLFLRHOK4RB/