Описание
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | pdfbox | Out of support scope | ||
| Red Hat JBoss BRMS 6 | pdfbox | Out of support scope | ||
| Red Hat JBoss Data Virtualization 6 | pdfbox | Out of support scope | ||
| Red Hat JBoss Fuse 6 | pdfbox | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | pdfbox | Out of support scope | ||
| Red Hat Satellite 5 | nutch | Will not fix | ||
| Red Hat Fuse 7.7.0 | pdfbox | Fixed | RHSA-2020:3192 | 28.07.2020 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-674
https://bugzilla.redhat.com/show_bug.cgi?id=1637492pdfbox: unbounded computation in parser resulting in a denial of service
EPSS
Процентиль: 81%
0.0162
Низкий
5.5 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 7 лет назад
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
CVSS3: 5.5
nvd
больше 7 лет назад
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
CVSS3: 5.5
debian
больше 7 лет назад
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully c ...
EPSS
Процентиль: 81%
0.0162
Низкий
5.5 Medium
CVSS3