Search for packages
| purl | pkg:deb/debian/libpdfbox-java@0.7.3.dfsg-2 |
| Next non-vulnerable version | 1:1.8.16-2 |
| Latest non-vulnerable version | 1:1.8.16-2 |
| Risk |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-jac2-1kyc-zuhh
Aliases: CVE-2016-2175 GHSA-4c32-xmgj-2g98 |
Improper Restriction of XML External Entity Reference Apache PDFBox does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF. |
Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-qu7g-tuf1-87ab
Aliases: CVE-2018-11797 GHSA-gx96-vgf7-hwfg |
Improper Input Validation In Apache PDFBox, a carefully crafted PDF file can trigger an extremely long-running computation when parsing the page tree. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-06-06T00:37:42.943552+00:00 | Debian Oval Importer | Affected by | VCID-jac2-1kyc-zuhh | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-06T00:10:51.221301+00:00 | Debian Oval Importer | Affected by | VCID-qu7g-tuf1-87ab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 38.6.0 |
| 2026-06-05T21:54:27.472118+00:00 | Debian Oval Importer | Affected by | VCID-jac2-1kyc-zuhh | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 38.6.0 |