Search CVE reports
1 – 8 of 8 results
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libpdfbox2-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
2 affected packages
libpdfbox2-java, libpdfbox-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox2-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libpdfbox2-java | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libpdfbox2-java | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable |
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
2 affected packages
libpdfbox2-java, libpdfbox-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox2-java | — | — | — | Not affected |
| libpdfbox-java | — | — | — | Not affected |
Some fixes available 4 of 5
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Not affected | Not affected | Not affected | Fixed |
| libpdfbox2-java | Not affected | Not affected | Not affected | Fixed |
Some fixes available 2 of 5
In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.
2 affected packages
libpdfbox-java, libpdfbox2-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Not affected | Not affected | Not affected | Fixed |
| libpdfbox2-java | Not affected | Not affected | Not affected | Fixed |
Some fixes available 1 of 3
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF.
1 affected package
libpdfbox-java
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| libpdfbox-java | Not affected | Not affected | Not affected | Not affected |