CVE-2021-31812: In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior…

medium5.5CVSS 3.1

AVLACLPRNUIRSUCNINAH

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

Affected

18 ranges

Vendor	Product	Version range	Fixed in
apache	pdfbox	2.0.0 – 2.0.23	—
apache	tika	—	—
apache_software_foundation	apache_pdfbox	>= Apache PDFBox < 2.0.24	2.0.24
debian	libpdfbox-java	< libpdfbox2-java 2.0.24-1 (bookworm)	libpdfbox2-java 2.0.24-1 (bookworm)
debian	libpdfbox2-java	< libpdfbox2-java 2.0.24-1 (bookworm)	libpdfbox2-java 2.0.24-1 (bookworm)
fedoraproject	fedora	—	—
fedoraproject	fedora	—	—
oracle	banking_corporate_lending_process_management	—	—
oracle	banking_corporate_lending_process_management	—	—
oracle	banking_corporate_lending_process_management	—	—
oracle	banking_credit_facilities_process_management	—	—
oracle	banking_credit_facilities_process_management	—	—
oracle	banking_credit_facilities_process_management	—	—
oracle	banking_supply_chain_finance	—	—
oracle	banking_supply_chain_finance	—	—
oracle	banking_supply_chain_finance	—	—
oracle	communications_messaging_server	—	—
oracle	retail_customer_management_and_segmentation_foundation	—	—

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

osv5.5MEDIUM