VYPR

Maven package

org.verapdf/library-jakarta

pkg:maven/org.verapdf/library-jakarta

Vulnerabilities (2)

  • CVE-2024-52800LowNov 29, 2024
    affected < 1.26.2fixed 1.26.2

    veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. This doesn't affect the standard validation and policy c

  • CVE-2024-28109HigMar 28, 2024
    affected < 1.24.2fixed 1.24.2

    veraPDF-library is a PDF/A validation library. Executing policy checks using custom schematron files invokes an XSL transformation that could lead to a remote code execution (RCE) vulnerability. This vulnerability is fixed in 1.24.2.