org.apache.pdfbox:pdfbox vulnerabilities

The Apache PDFBox library is an open source Java tool for working with PDF documents.

Latest version: 2.0.16

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the org.apache.pdfbox:pdfbox package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable versions Snyk patch Published
  • M
XML External Entity (XXE) Injection
[2.0.14,2.0.15) Not available 12 Apr, 2019
  • M
Denial of Service (DoS)
[1.8.0, 1.8.15),[2.0.0, 2.0.12) Not available 09 Oct, 2018
  • H
XML External Entity (XXE) Injection
[1.8.0,1.8.12),[2.0.0,2.0.1) Not available 27 May, 2016
  • M
Authentication Bypass
[,1.8.13),[2.0.0,2.0.2) Not available 06 May, 2016