Apache Tika 安全漏洞

Apache Tika is a collection of content extraction tools from the Apache Foundation that integrates POI an open source library that uses Java programs to provide read and write functionality for Microsoft Office format documents, Pdfbox a pure Java class library for reading and creating PDF...

cc.catalysts.boot:cat-boot-report-pdf (=0.0.10), com.bit-scout:pdf-converter (=1.0.0) +227 more potentially affected by CVE-2018-8036 via org.apache.pdfbox:pdfbox (>=1.8.0 <=1.8.14)

org.apache.pdfbox:pdfbox MAVEN version =1.8.0, =0.6, =0.9, =3.0, =1.3.3-2.10, =0.0.2, =0.0.2, =1.0, =1.0, =1.0, =1.3 and more Source cves: CVE-2018-8036 Source advisory: OSV:GHSA-J2XQ-PFFF-MVGG...

au.com.turingg:turingg-files (=0.0.1), au.com.turingg:turingg-mimak (=1.0.0) +65 more potentially affected by CVE-2018-8036 via org.apache.pdfbox:pdfbox (>=2.0.1 <=2.0.10)

org.apache.pdfbox:pdfbox MAVEN version =2.0.1, =1.0.0, =1.2, =0.9.2, =2.6.1, =2.6.2 - com.norconex.collectors:norconex-importer =2.6.1 - de.redsix:pdfcompare =1.1.32 - edu.usc.ir:sentiment-analysis-parser =0.1 - fr.pilato.elasticsearch.crawler:fscrawler =2.1 - io.bigconnect:dw-mime-type-detector...

GHSA-J2XQ-PFFF-MVGG Loop with Unreachable Exit Condition in Apache PDFBox

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted or fuzzed file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser...

Loop with Unreachable Exit Condition in Apache PDFBox

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted or fuzzed file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser...

Security Bulletin: Multiple security vulnerabilities with IBM FileNet Content Manager component in IBM Business Automation Workflow -CVE-2021-31811, CVE-2021-31812, CVE-2021-23926, CVE-2021-38965

Summary The embedded IBM FileNet Content Manager component, that is shipped with IBM Business Automation Workflow is vulnerable to multiple vulnerabilities. Vulnerability Details CVEID: CVE-2021-38965 DESCRIPTION: IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote...

Mageia: Security Advisory (MGASA-2021-0378)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0253)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2021-0184)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Apache PDFBox as used by IBM QRadar SIEM is vulnerable to denial of service (DOS) (CVE-2021-31811, CVE-2021-31812)

Summary Apache PDFBox as used by IBM QRadar SIEM is vulnerable to denial of service Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a victim to open a...

Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.6 release and security update

A minor version update from 1.4.2 to 1.6 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...

pdfbox: infinite loop while loading a crafted PDF file

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions...

Security Bulletin: Multiple Apache PDFBox security vulnerabilities

Summary FileNet Content Manager FNCM has multiple Apache PDFBox security vulnerabilities in Content Platform Engine CPE and Content Search Services CSS Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception...

Security Bulletin: IBM Watson Compare and Comply for IBM Cloud Pak for Data affected by vulnerability in Apache PDFBox

Summary IBM Watson Compare and Comply for IBM Cloud Pak for Data contains a vulnerable version of Apache PDFBox. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a...

Security Bulletin: IBM Security Risk Manager on CP4S is affected by multiple vulnerabilities

Summary IBM Security Risk Manager on CP4S has addressed the following vulnerabilities: Vulnerability Details CVEID: CVE-2020-5421 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to bypass security restrictions, caused by improper input validation. By using a...

Security Bulletin: Apache PDFBox Vulnerabilities Affect IBM Control Center (CVE-2021-31811, CVE-2021-31812)

Summary Apache PDFBox is vulnerable to denial of service due to possible out of memory or infinite looping conditions. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Apache PDFBox

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Apache PDFBox. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a victim to...

Security Bulletin: [All] Apache PDFBox (Publicly disclosed vulnerability)

Summary This Security Bulletin provides steps to manually upgrade ApachePDFBox for IBM DataQuant. Vulnerability Details CVEID: CVE-2021-31811 DESCRIPTION: Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a victim to open ...

pdfbox: OutOfMemory-Exception while loading a crafted PDF file

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions...

Moderate: Red Hat Security Advisory: Red Hat Integration Camel-K 1.4 release and security update

A minor version update from 1.3 to 1.4 is now available for Red Hat Integration Camel K that includes bug fixes and enhancements. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a...