VulnerableCode Package Details - pkg:maven/org.apache.pdfbox/pdfbox@2.0.15

Search for packages

Vulnerability	Summary	Fixed by
VCID-4zpd-uwnd-zfg1 Aliases: CVE-2021-31811 GHSA-fg3j-q579-v8x4	Improper Check for Unusual or Exceptional Conditions In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.	2.0.24 Affected by 0 other vulnerabilities.
VCID-6wps-kttd-rkhv Aliases: CVE-2021-31812 GHSA-7grw-6pjh-jpc9	Excessive Iteration In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file.	2.0.24 Affected by 0 other vulnerabilities.
VCID-uhvk-357k-wuea Aliases: CVE-2021-27807 GHSA-2h3j-m7gr-25xj	Excessive Iteration A carefully crafted PDF file can trigger an infinite loop while loading a file.	2.0.23 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-zpn8-wp4m-fugy Aliases: CVE-2021-27906 GHSA-6vqp-h455-42mr	Uncontrolled Ressource Consumption A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox and pri versions.	2.0.23 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-4zpd-uwnd-zfg1
Aliases:
CVE-2021-31811
GHSA-fg3j-q579-v8x4

Improper Check for Unusual or Exceptional Conditions In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.

2.0.24
Affected by 0 other vulnerabilities.

VCID-6wps-kttd-rkhv
Aliases:
CVE-2021-31812
GHSA-7grw-6pjh-jpc9

Excessive Iteration In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file.

2.0.24
Affected by 0 other vulnerabilities.

VCID-uhvk-357k-wuea
Aliases:
CVE-2021-27807
GHSA-2h3j-m7gr-25xj

Excessive Iteration A carefully crafted PDF file can trigger an infinite loop while loading a file.

2.0.23
Affected by 2 other vulnerabilities.

VCID-zpn8-wp4m-fugy
Aliases:
CVE-2021-27906
GHSA-6vqp-h455-42mr

Uncontrolled Ressource Consumption A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox and pri versions.

2.0.23
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-zygf-j3g8-2yc3	Improper Restriction of XML External Entity Reference Apache PDFBox does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.	CVE-2019-0228 GHSA-c9jj-3wvg-q65h

Vulnerability

Summary

Aliases

VCID-zygf-j3g8-2yc3

Improper Restriction of XML External Entity Reference Apache PDFBox does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

CVE-2019-0228
GHSA-c9jj-3wvg-q65h

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-06T00:45:16.330819+00:00	GitLab Importer	Affected by	VCID-6wps-kttd-rkhv	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.pdfbox/pdfbox/CVE-2021-31812.yml	38.6.0
2026-06-06T00:45:15.729180+00:00	GitLab Importer	Affected by	VCID-4zpd-uwnd-zfg1	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.pdfbox/pdfbox/CVE-2021-31811.yml	38.6.0
2026-06-04T20:47:11.751654+00:00	GitLab Importer	Affected by	VCID-uhvk-357k-wuea	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.pdfbox/pdfbox/CVE-2021-27807.yml	38.6.0
2026-06-04T20:47:09.580408+00:00	GitLab Importer	Affected by	VCID-zpn8-wp4m-fugy	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.pdfbox/pdfbox/CVE-2021-27906.yml	38.6.0
2026-06-04T18:24:45.225364+00:00	GHSA Importer	Fixing	VCID-zygf-j3g8-2yc3	https://github.com/advisories/GHSA-c9jj-3wvg-q65h	38.6.0
2026-06-04T17:42:56.571591+00:00	GithubOSV Importer	Fixing	VCID-zygf-j3g8-2yc3	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/07/GHSA-c9jj-3wvg-q65h/GHSA-c9jj-3wvg-q65h.json	38.6.0
2026-06-02T04:39:07.665462+00:00	GitLab Importer	Fixing	VCID-zygf-j3g8-2yc3	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.pdfbox/pdfbox/CVE-2019-0228.yml	38.6.0