VYPR

rpm package

suse/apache-pdfbox&distro=SUSE Linux Enterprise Module for Development Tools 15

pkg:rpm/suse/apache-pdfbox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015

Vulnerabilities (2)

  • CVE-2018-11797MedOct 5, 2018
    affected < 1.8.12-5.6.3fixed 1.8.12-5.6.3

    In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

  • CVE-2018-8036MedJul 3, 2018
    affected < 1.8.12-5.3.13fixed 1.8.12-5.3.13

    In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.