pdfbox · threatengine.sh

CVE-2026-33929

>= 2.0.24 and < 2.0.37

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache PDFBox Examples. This issu

4.3MEDIUM

CVE-2026-23907

>= 2.0.24 and <= 2.0.35

This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.35, from 3.0.0 through 3.0.6. Th

5.3MEDIUM

CVE-2021-31812

>= 2.0.0 and <= 2.0.23

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFB

5.5MEDIUM

CVE-2021-31811

>= 2.0.0 and <= 2.0.23

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apa

5.5MEDIUM

CVE-2021-27906

>= 2.0.0 and <= 2.0.22

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version

5.5MEDIUM

CVE-2021-27807

>= 2.0.0 and <= 2.0.22

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22

5.5MEDIUM

CVE-2019-0228

all versions

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External

9.8CRITICAL

CVE-2018-11797

>= 1.8.0 and <= 1.8.15

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running comput

5.5MEDIUM

CVE-2018-8036

> 1.8.0 and <= 1.8.14

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which l

6.5MEDIUM

CVE-2016-2175

all versions

Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent atta

7.8HIGH

apache pdfbox