Awaiting Analysis
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Products
TCPDF
- <=6.6.5
Source
cve@mitre.org
Tags
CVE-2024-22640 details
Published : April 19, 2024, 4:15 p.m.
Last Modified : April 19, 2024, 4:19 p.m.
Last Modified : April 19, 2024, 4:19 p.m.
Description
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|
References
| URL | Source |
|---|---|
| https://github.com/tecnickcom/TCPDF | cve@mitre.org |
| https://github.com/zunak/CVE-2024-22640 | cve@mitre.org |
This website uses the NVD API, but is not approved or certified by it.