Rewterz Threat Advisory – CVE-2021-30762; CVE-2021-30761 – Multiple Apple iOS and iPadOS Vulnerabilities
June 15, 2021Rewterz Threat Advisory – Google ChromeOS Code Execution Vulnerability
June 15, 2021Rewterz Threat Advisory – CVE-2021-30762; CVE-2021-30761 – Multiple Apple iOS and iPadOS Vulnerabilities
June 15, 2021Rewterz Threat Advisory – Google ChromeOS Code Execution Vulnerability
June 15, 2021Severity
Medium
Analysis Summary
CVE-2021-31811
Apache PDFBox is vulnerable to a denial of service, caused by an out-of-memory exception while loading a file. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2021-31812
Apache PDFBox is vulnerable to a denial of service, caused by an error while loading a file. By persuading a victim to open a specially-crafted PDF file, a remote attacker could exploit this vulnerability to cause the system to enter into an infinite loop.
Impact
- Denial of service
Affected Vendors
Apache
Affected Products
- Apache PDFBox 2.0.0
- Apache PDFBox 2.0.10
- Apache PDFBox 2.0.11
- Apache PDFBox 2.0.14
- Apache PDFBox 2.0.21
- Apache PDFBox 2.0.23
Remediation
Upgrade to the latest version of PDFBox (2.0.24 or later), available from the Apache Web site.