ALT-PU-2025-7718-1
Package pdfbox updated to version 2.0.26-alt1_3jpp11 for branch sisyphus_riscv64.
Closed vulnerabilities
Published: 2018-10-05
BDU:2020-02659
Уязвимость Java-библиотеки Apache PDFBox программного обеспечения для торговли Oracle Retail Xstore Point of Service, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
Published: 2018-10-05
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-11797
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- [announce] 20181006 [UPDATE][CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
- [announce] 20181006 [UPDATE][CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
- [announce] 20181005 [CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
- [announce] 20181005 [CVE-2018-11797] DoS vulnerability in Apache PDFBox parser
- [pdfbox-dev] 20210518 CVE's
- [pdfbox-dev] 20210518 CVE's
- [debian-lts-announce] 20181016 [SECURITY] [DLA 1547-1] libpdfbox-java security update
- [debian-lts-announce] 20181016 [SECURITY] [DLA 1547-1] libpdfbox-java security update
- FEDORA-2019-6fa01d12b4
- FEDORA-2019-6fa01d12b4
- FEDORA-2019-9e91afa2be
- FEDORA-2019-9e91afa2be
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuapr2020.html
Published: 2018-07-03
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2018-8036
In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.
Severity: MEDIUM (6.5)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- RHSA-2018:2669
- RHSA-2018:2669
- [users] 20180629 [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser
- [users] 20180629 [CVE-2018-8036] DoS (OOM) Vulnerability in Apache PDFBox's AFMParser
- [syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?
- [syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15?
- FEDORA-2019-6fa01d12b4
- FEDORA-2019-6fa01d12b4
- FEDORA-2019-9e91afa2be
- FEDORA-2019-9e91afa2be
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/security-alerts/cpuapr2020.html