This repository has been archived by the owner on Jan 28, 2021. It is now read-only.
Remove pdfbox vulnerability #100
Comments
danhaywood
added a commit
that referenced
this issue
Jan 15, 2019
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
as per security alert raised automatically
https://github.com/incodehq/incode-platform/network/alert/modules/pom.xml/org.apache.pdfbox:pdfbox/open
1 org.apache.pdfbox:pdfbox vulnerability found in modules/pom.xml on 17 Oct 2018
org.apache.pdfbox pdfbox [2.0.12,) Always verify the validity and compatibility of suggestions with your codebase.Remediation
Upgrade org.apache.pdfbox:pdfbox to version 2.0.12 or later. For example:
Details
CVE-2018-11797 More information
high severity
Vulnerable versions: >= 2.0.0, < 2.0.12
Patched version: 2.0.12
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
The text was updated successfully, but these errors were encountered: