Search CVE reports

Toggle filters

1 – 7 of 7 results

CVE-2021-31812

Low priority
Needs evaluation

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libpdfbox2-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2021-31811

Low priority
Needs evaluation

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libpdfbox2-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Ignored
Show less packages

CVE-2021-27906

Medium priority
Vulnerable

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libpdfbox2-java Needs evaluation Needs evaluation Vulnerable Vulnerable Not in release
Show less packages

CVE-2021-27807

Medium priority
Vulnerable

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
libpdfbox2-java Needs evaluation Needs evaluation Vulnerable Vulnerable Not in release
Show less packages

CVE-2019-0228

Medium priority
Not affected

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Not affected Not affected
libpdfbox2-java Not affected Not in release
Show less packages

CVE-2018-11797

Medium priority

Some fixes available 4 of 5

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Not affected Not affected Not affected Fixed Vulnerable
libpdfbox2-java Not affected Not affected Not affected Fixed Not in release
Show less packages

CVE-2018-8036

Low priority

Some fixes available 2 of 5

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.

2 affected packages

libpdfbox-java, libpdfbox2-java

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libpdfbox-java Not affected Not affected Not affected Fixed Vulnerable
libpdfbox2-java Not affected Not affected Not affected Fixed Not in release
Show less packages