CVE-2018-8036

Summary

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache PDFBox1.8.0 to 1.8.14affected
Apache Software FoundationApache PDFBox2.0.0RC1 to 2.0.10affected

Weaknesses

  • DoS (OOM) Vulnerability

ADP Enrichment

CVE Program Container

Additional References

References