In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 May 2021, 16:16
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:apache:pdfbox:1.8.14:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.1:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.2:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.4:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.10:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.5:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.15:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.13:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.0:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.3:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.3:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.11:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.10:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.5:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.7:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.6:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.9:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.12:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.6:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.8:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.7:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:1.8.4:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.11:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.0:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.9:*:*:*:*:*:*:* |
cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:2.0.0:-:*:*:*:*:*:* cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0:*:*:*:*:*:*:* cpe:2.3:a:apache:pdfbox:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:* |
References | (N/A) https://www.oracle.com/security-alerts/cpuapr2020.html - Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/ - Mailing List, Third Party Advisory | |
References | (MLIST) https://lists.apache.org/thread.html/r54594251369e14c185da9662a5340a52afbbdf75d61c9c3a69c8f2e8@%3Cdev.pdfbox.apache.org%3E - Mailing List, Vendor Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/ - Mailing List, Third Party Advisory |
Information
Published : 2018-10-05 20:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-11797
Mitre link : CVE-2018-11797
CVE.ORG link : CVE-2018-11797
JSON object : View
Products Affected
apache
- pdfbox
fedoraproject
- fedora
oracle
- retail_xstore_point_of_service
CWE