CVE-2024-8049

MEDIUM

Telerik Document Processing <2024.4.1106 - DoS

Title source: llm

Description

In Progress Telerik Document Processing Libraries, versions prior to 2024 Q4 (2024.4.1106), importing a document with unsupported features can lead to excessive processing, leading to excessive use of computing resources leaving the application process unavailable.

References (1)

[Vendor Advisory] https://docs.telerik.com/devtools/document-processing/knowledge-base/excessive-allocation-cve-2024-8049

Scores

CVSS v3 6.5

EPSS 0.0151

EPSS Percentile 81.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-834

Status published

Products (1)

progress/telerik_document_processing_libraries < 2024.4.1106

Published Nov 13, 2024

Tracked Since Feb 18, 2026