In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox’s AFMParser.

References

bugzilla.redhat.com/show_bug.cgi?id=1597490

www.cve.org/CVERecord?id=CVE-2018-8036 https://nvd.nist.gov/vuln/detail/CVE-2018-8036 www.openwall.com/lists/oss-security/2018/06/29/1

prion 1

nessus 6

suse 2

ibm 10

osv 1

openvas 6

zdt 1

github 1

ubuntucve 1

veracode 1

nvd 1

cvelist 1

cve 1

debiancve 1

fedora 3

redhat 1

oracle 1

prion

Code injection

2018-07-03 20:29:00

nessus

openSUSE Security Update : apache-pdfbox (openSUSE-2019-670)

2019-03-27 00:00:00

openSUSE Security Update : apache-pdfbox (openSUSE-2018-975)

2018-09-07 00:00:00

openSUSE Security Update : apache-pdfbox (openSUSE-2018-1245)

2018-10-25 00:00:00

suse

Security update for apache-pdfbox (moderate)

2018-09-07 12:07:46

Security update for apache-pdfbox (moderate)

2018-10-24 15:18:40

ibm

Security Bulletin: A Vulnerability in Apache PDFBox Affects Transformation Extender

2018-11-12 19:00:02

Security Bulletin: Vulnerability in Apache PDFBox affects Apache Solr shipped with IBM Operations Analytics - Log Analysis (CVE-2018-8036)

2021-04-15 11:00:39

Security Bulletin: An Apache PDFBox security vulnerability has been identified with the embedded Content Manager used by IBM Business Automation Workflow (CVE-2018-8036)

2019-07-10 21:40:02

osv

Loop with Unreachable Exit Condition in Apache PDFBox

2022-05-13 01:53:29

openvas

SUSE: Security Advisory (SUSE-SU-2018:2630-1)

2021-06-09 00:00:00

openSUSE: Security Advisory for apache-pdfbox (openSUSE-SU-2018:2645-1)

2018-10-26 00:00:00

openSUSE: Security Advisory for apache-pdfbox (openSUSE-SU-2018:3384-1)

2018-10-25 00:00:00

zdt

Apache PDFBox 1.8.14 / 2.0.10 Denial Of Service Vulnerability

2018-07-04 00:00:00

github

Loop with Unreachable Exit Condition in Apache PDFBox

2022-05-13 01:53:29

ubuntucve

CVE-2018-8036

2018-07-03 00:00:00

veracode

Denial Of Service (DoS)

2018-07-02 07:11:50

nvd

CVE-2018-8036

2018-07-03 20:29:00

cvelist

CVE-2018-8036

2018-06-29 00:00:00

cve

CVE-2018-8036

2018-07-03 20:29:00

debiancve

CVE-2018-8036

2018-07-03 20:29:00

fedora

[SECURITY] Fedora 31 Update: pdfbox-2.0.16-1.fc31

2019-09-14 16:39:49

[SECURITY] Fedora 30 Update: pdfbox-2.0.16-1.fc30

2019-09-09 07:34:18

[SECURITY] Fedora 29 Update: pdfbox-2.0.16-1.fc29

2019-09-09 08:07:18

redhat

(RHSA-2018:2669) Important: Fuse 7.1 security update

2018-09-11 07:52:48

oracle

Oracle Critical Patch Update Advisory - April 2020

2020-04-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.007 Low

EPSS

Percentile

79.7%

JSON

Related for RH:CVE-2018-8036