Mageia 9 MGASA-2024-0361: Critical tcpdf Vulnerability ReDoS Fix

mageia

November 12, 2024

TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file

Summary

TCPDF version 6.6.5 and before is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted SVG file. (CVE-2024-22641)

References

- https://bugs.mageia.org/show_bug.cgi?id=33731

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGK7LQSJONZPU3VOQTQ36UN6OAD6ZM4H/

- https://www.cve.org/CVERecord?id=CVE-2024-22641

Topics Covered

security advisory security update mageia redos php-tcpdf

Resolution

SRPMS

- 9/core/php-tcpdf-6.5.0-1.2.mga9

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 12 Nov 2024

URL: https://advisories.mageia.org/MGASA-2024-0361.html

Type: security

CVE: CVE-2024-22641

Topics Covered

security advisory security update mageia redos php-tcpdf

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 9 MGASA-2024-0361: Critical tcpdf Vulnerability ReDoS Fix

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 9 MGASA-2024-0361: Critical tcpdf Vulnerability ReDoS Fix

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!