CVE-2024-22640
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-22640
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22640.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-22640
- Aliases
- Related
- Published
- 2024-04-19T16:15:09Z
- Modified
- 2025-06-03T16:53:10.028775Z
- Downstream
- Summary
- [none]
- Details
-
TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
- References
Affected packages
Debian:11 / tcpdf
Package
- Name
- tcpdf
- Purl
- pkg:deb/debian/tcpdf?arch=source
Debian:12 / tcpdf
Package
- Name
- tcpdf
- Purl
- pkg:deb/debian/tcpdf?arch=source
Debian:13 / tcpdf
Package
- Name
- tcpdf
- Purl
- pkg:deb/debian/tcpdf?arch=source
Git / github.com/tecnickcom/tcpdf
Affected ranges
- Type
- GIT
- Repo
- https://github.com/tecnickcom/tcpdf
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
6.*
6.0.013
6.0.014
6.0.015
6.0.016
6.0.017
6.0.018
6.0.019
6.0.020
6.0.021
6.0.022
6.0.023
6.0.024
6.0.025
6.0.026
6.0.027
6.0.028
6.0.029
6.0.030
6.0.031
6.0.032
6.0.033
6.0.034
6.0.035
6.0.036
6.0.037
6.0.038
6.0.039
6.0.040
6.0.041
6.0.042
6.0.043
6.0.044
6.0.045
6.0.046
6.0.047
6.0.048
6.0.049
6.0.050
6.0.051
6.0.052
6.0.053
6.0.054
6.0.055
6.0.056
6.0.057
6.0.058
6.0.059
6.0.060
6.0.061
6.0.062
6.0.063
6.0.064
6.0.065
6.0.066
6.0.067
6.0.068
6.0.069
6.0.070
6.0.071
6.0.072
6.0.073
6.0.074
6.0.075
6.0.076
6.0.077
6.0.078
6.0.079
6.0.080
6.0.081
6.0.082
6.0.083
6.0.084
6.0.085
6.0.086
6.0.087
6.0.088
6.0.089
6.0.090
6.0.091
6.0.092
6.0.093
6.0.094
6.0.095
6.0.096
6.0.097
6.0.098
6.0.099
6.1.0
6.1.1
6.2.0
6.2.1
6.2.10
6.2.11
6.2.12
6.2.13
6.2.16
6.2.17
6.2.19
6.2.2
6.2.20
6.2.21
6.2.22
6.2.23
6.2.25
6.2.26
6.2.3
6.2.4
6.2.5
6.2.6
6.2.7
6.2.8
6.2.9
6.3.0
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.5.0
6.6.0
6.6.1
6.6.2
6.7.4
Other
OLDv6