Lucene search
K

4 matches found

Snyk
Snyk
added 2026/04/10 8:59 p.m.2 views

XML Entity Expansion

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to XML Entity Expansion when parsing XMP metadata. An attacker can cause excessive memory consumption with excessive DOCTYPE entity...

6.9CVSS5.8AI score0.00423EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2017/02/14 4:41 p.m.5 views

pdfbox: XML External Entity vulnerability

It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks...

7.8CVSS5.8AI score0.04758EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2016/05/27 9:48 a.m.28 views

CVE-2016-2175

It was found that the parsing of XMP and other XML formats in PDF by Apache PDFBox would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks...

7.8CVSS5.9AI score0.04758EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2016/05/27 9:18 a.m.40 views

CVE-2016-4434

It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XX...

7.8CVSS5.4AI score0.03449EPSS
Exploits0References1
Rows per page
Query Builder