5 matches found
OESA-2026-2240 pdfbox security update
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
Server-side Request Forgery (SSRF)
Overview @nocobase/plugin-workflow-request is a Send HTTP requests to any HTTP service for data interaction in workflow. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the workflow HTTP request and custom request plugins, which make server-side HTTP...
Server-side Request Forgery (SSRF)
Overview @nocobase/plugin-action-custom-request is a Sending a request to any HTTP service supports sending context data to the target service. Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the workflow HTTP request and custom request plugins, which make...
CVE-2026-33929
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache PDFBox Examples. This issue affects the ExtractEmbeddedFiles example in Apache PDFBox: from 2.0.24 through 2.0.36, from 3.0.0 through 3.0.7. Users are recommended to update to version 2.0.37 or...
PT-2026-32604
Name of the Vulnerable Software and Affected Versions Apache PDFBox versions 2.0.24 through 2.0.36 Apache PDFBox versions 3.0.0 through 3.0.7 Description The ExtractEmbeddedFiles example contains a path traversal issue, which occurs when an application does not properly restrict the pathnames use...