New to Telerik UI for ASP.NET AJAX? Start a free 30-day trial

Address Telerik Document Processing Security Vulnerability

Environment

Product	Telerik Document Processing
Version	Prior to 2025.1.205

Description

The February 2025 release of Telerik Document Processing resolves a Path traversal vulnerability:

CVE-2024-11343

Telerik UI for ASP.NET AJAX uses Telerik Document Processing packages and APIs for its Excel export features. Telerik UI for ASP.NET AJAX is NOT affected by the mentioned resolved vulnerability. This article exists only as a heads-up to customers who may be using Telerik Document Processing in their Telerik ASP.NET AJAX (Web Forms) applications.

This article describes potential next steps for developers working specifically with Telerik Document Processing.

Solution

No action is required if:

Your application is not referencing Telerik Document Processing packages explicitly.
Your application is not using Telerik.Zip APIs directly.

If your use case scenario is the opposite of the listed items above, then:

Get familiar with the vulnerabilities, their impact, and resolutions.
Upgrade Telerik Document Processing to version 2025.1.205 or later.

See Also

In this article

Environment Description Solution See Also

Not finding the help you need?

Contact Support

Improve this article