CVE-2018-11797

Summary

In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache PDFBox1.8.0 to 1.8.15affected
Apache Software FoundationApache PDFBox2.0.0RC1 to 2.0.11affected

Weaknesses

  • DoS vulnerability

ADP Enrichment

CVE Program Container

Additional References

References