Search CVE reports
1 – 8 of 8 results
CVE-2021-31812
Low priorityIn Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpdfbox2-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2021-31811
Low priorityIn Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpdfbox2-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Ignored |
CVE-2021-27906
Medium priorityA carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpdfbox2-java | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable | Not in release |
CVE-2021-27807
Medium priorityA carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpdfbox2-java | Needs evaluation | Needs evaluation | Vulnerable | Vulnerable | Not in release |
CVE-2019-0228
Medium priorityApache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | — | — | — | Not affected | Not affected |
libpdfbox2-java | — | — | — | Not affected | Not in release |
CVE-2018-11797
Medium prioritySome fixes available 4 of 5
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Not affected | Not affected | Not affected | Fixed | Vulnerable |
libpdfbox2-java | Not affected | Not affected | Not affected | Fixed | Not in release |
CVE-2018-8036
Low prioritySome fixes available 2 of 5
In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.
2 affected packages
libpdfbox-java, libpdfbox2-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Not affected | Not affected | Not affected | Fixed | Vulnerable |
libpdfbox2-java | Not affected | Not affected | Not affected | Fixed | Not in release |
CVE-2016-2175
Medium prioritySome fixes available 1 of 3
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF.
1 affected packages
libpdfbox-java
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
libpdfbox-java | Not affected | Not affected | Not affected | Not affected | Vulnerable |