CVE-2024-41655

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Jul 23, 2024

Updated: Jul 24, 2024

CWE ID 1333

CWE ID 624

Summary

CVE-2024-41655 is a vulnerability affecting versions of the TF2 Item Format tool since 4.2.6 and before 5.9.14. This tool assists users in formatting Team Fortress 2 items to community standards. The issue lies in its Regular Expression parsing functionality, which is susceptible to a ReDoS attack. An attacker can take advantage of this vulnerability to launch Denial of Service (DoS) attacks against any service that utilizes `tf2-item-format` for user input parsing. The vulnerability has been addressed in version 5.9.14.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/xF-kyy
https://www.cve.org/CVERecord?id=CVE-2024-41655
https://nvd.nist.gov/vuln/detail/CVE-2024-41655

Back to Vulnerability Database

CVE-2024-41655

CVSS 3.1 Score 7.5 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations