pdfbox is vulnerable to denial of service (DoS) attacks. The vulnerability exists during computation made when parsing the page tree, causing a DoS attack.
CPE | Name | Operator | Version |
---|---|---|---|
apache pdfbox | le | 2.0.11 | |
apache pdfbox | le | 1.8.15 | |
libpdfbox-java:bionic | eq | 1:1.8.13-2 | |
libpdfbox2-java:bionic | eq | 2.0.9-1 |
github.com/apache/pdfbox/commit/4fa98533358c106522cd1bfe4cd9be2532af852a
lists.apache.org/thread.html/645574bc50b886d39c20b4065d51ccb1cd5d3a6b4750a22edbb565eb@%3Cannounce.apache.org%3E
lists.apache.org/thread.html/a9760973a873522f4d4c0a99916ceb74f361d91006b663a0a418d34a@%3Cannounce.apache.org%3E
lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E
lists.debian.org/debian-lts-announce/2018/10/msg00008.html
lists.fedoraproject.org/archives/list/[email protected]/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/
lists.fedoraproject.org/archives/list/[email protected]/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/
www.oracle.com/security-alerts/cpuapr2020.html