CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2024-22641: TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.
Description
TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file.
Classification
CVE ID: CVE-2024-22641
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.04% (probability of being exploited)
EPSS Percentile: 11.98% (scored less or equal to compared to others)
EPSS Date: 2025-03-14 (when was this score calculated)