Description

TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

INFO

Published Date :

2024-04-19T00:00:00.000Z

Last Modified :

2025-11-04T17:14:19.948Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-22640 vulnerability.

Vendors Products
Fedoraproject
  • Fedora
Tcpdf Project
  • Tcpdf

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact