Lucene search
GitHub Advisory DatabaseGHSA-MX3P-FHPW-X6RVHistoryApr 19, 2024 - 6:31 p.m.
TCPDF vulnerable to Regular Expression Denial of Service
2024-04-1918:31:11
CWE-1333
GitHub Advisory Database
github.com
7
tcpdf
vulnerability
regular expression denial of service
parsing
untrusted html
crafted color
TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
Affected configurations
Node
tecnickcomtcpdfRange≤6.7.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| tecnickcom/tcpdf | le | 6.7.4 |
References
github.com/advisories/GHSA-mx3p-fhpw-x6rv
github.com/tecnickcom/TCPDF
github.com/tecnickcom/TCPDF/commit/05f3a28f4a7905019469e040cf77e53d6aa7f679
github.com/zunak/CVE-2024-22640
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LIB3R2WB7XPW2I4PGVMZ3VLFLRHOK4RB
nvd.nist.gov/vuln/detail/CVE-2024-22640
Related
fedora
fedora
[SECURITY] Fedora 40 Update: php-tcpdf-6.7.5-1.fc40
2024-05-02 01:57:45
cve
cve
CVE-2024-22640
2024-04-19 16:15:09
cvelist
cvelist
CVE-2024-22640
2024-04-19 00:00:00
nvd
nvd
CVE-2024-22640
2024-04-19 16:15:09
openvas
openvas
Fedora: Security Advisory for php-tcpdf (FEDORA-2024-27eafd0e65)
2024-05-27 00:00:00
Mageia: Security Advisory (MGASA-2024-0169)
2024-05-09 00:00:00
ubuntucve
ubuntucve
CVE-2024-22640
2024-04-19 00:00:00
debiancve
debiancve
CVE-2024-22640
2024-04-19 16:15:09
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2024-04-22 05:33:51
osv
osv
TCPDF vulnerable to Regular Expression Denial of Service
2024-04-19 18:31:11
nessus
nessus
Fedora 40 : php-tcpdf (2024-27eafd0e65)
2024-05-01 00:00:00
mageia
mageia
Updated php-tcpdf packages fix security vulnerability
2024-05-09 05:40:29