CVE-2018-11797

Опубликовано: 05 окт. 2018

Источник: debian

EPSS Низкий

Описание

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libpdfbox-java	fixed	1:1.8.16-1		package
libpdfbox-java	no-dsa		stretch	package
libpdfbox2-java	fixed	2.0.12-1		package

Примечания

https://www.openwall.com/lists/oss-security/2018/10/05/4
https://svn.apache.org/r1842131 (branch 2.0)
https://svn.apache.org/r1842278 (branch 1.8)

EPSS

Процентиль: 81%

0.0162

Низкий

Связанные уязвимости

CVE-2018-11797

CVSS3: 5.5

ubuntu

больше 7 лет назад

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

CVE-2018-11797

CVSS3: 5.5

redhat

больше 7 лет назад

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

CVE-2018-11797

CVSS3: 5.5

nvd

больше 7 лет назад

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

openSUSE-SU-2018:3798-1

suse-cvrf

около 7 лет назад

Security update for apache-pdfbox

SUSE-SU-2018:3755-1

suse-cvrf

около 7 лет назад

Security update for apache-pdfbox

EPSS

Процентиль: 81%

0.0162

Низкий