GHSA-mx3p-fhpw-x6rv

Source
https://github.com/advisories/GHSA-mx3p-fhpw-x6rv
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/04/GHSA-mx3p-fhpw-x6rv/GHSA-mx3p-fhpw-x6rv.json
Aliases
  • CVE-2024-22640
Published
2024-04-19T18:31:11Z
Modified
2024-05-02T03:49:14.811534Z
Summary
TCPDF vulnerable to Regular Expression Denial of Service
Details

TCPDF versions <= 6.7.4 are vulnerable to ReDoS (Regular Expression Denial of Service) when parsing an untrusted HTML page with a crafted color.

Affected packages

Packagist / tecnickcom/tcpdf

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (the exact introduced commit is unknown)
Last affected
6.7.4

Affected versions

6.*

6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
6.0.020
6.0.021
6.0.022
6.0.023
6.0.024
6.0.025
6.0.026
6.0.027
6.0.028
6.0.029
6.0.030
6.0.031
6.0.032
6.0.033
6.0.034
6.0.035
6.0.036
6.0.037
6.0.038
6.0.039
6.0.040
6.0.041
6.0.042
6.0.043
6.0.044
6.0.045
6.0.046
6.0.047
6.0.048
6.0.049
6.0.050
6.0.051
6.0.052
6.0.053
6.0.054
6.0.055
6.0.056
6.0.057
6.0.058
6.0.059
6.0.060
6.0.061
6.0.062
6.0.063
6.0.064
6.0.065
6.0.066
6.0.067
6.0.068
6.0.069
6.0.070
6.0.071
6.0.072
6.0.073
6.0.074
6.0.075
6.0.076
6.0.077
6.0.078
6.0.079
6.0.080
6.0.081
6.0.082
6.0.083
6.0.084
6.0.085
6.0.086
6.0.087
6.0.088
6.0.089
6.0.090
6.0.091
6.0.092
6.0.093
6.0.094
6.0.095
6.0.096
6.0.097
6.0.098
6.0.099
6.1.0
6.1.1
6.2.0
6.2.1
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
6.2.10
6.2.11
6.2.12
6.2.13
6.2.16
6.2.17
6.2.19
6.2.20
6.2.21
6.2.22
6.2.23
6.2.25
6.2.26
6.3.0
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
6.4.1
6.4.2
6.4.3
6.4.4
6.5.0
6.6.0
6.6.1
6.6.2
6.7.4