VDB
CVE-2021-31811
CVE-2021-31811
PUBLISHED
In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
EPSS 0.21% · 43.2th percentile
Risk Scores
EPSS Score
0.21%
43.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:18.04:LTS | libpdfbox2-java | 2.0.7-1, 2.0.13-2~18.04, 2.0.8-2 |
| Ubuntu:16.04:LTS | libpdfbox-java | 0, 1:1.8.10-1, 1:1.8.10-2 |
| Ubuntu:24.04:LTS | libpdfbox2-java | 2.0.29-1, 2.0.27-2, 0 |
| Ubuntu:18.04:LTS | libpdfbox-java | 0, *, * |
| Ubuntu:25.10 | libpdfbox-java | *, 0 |
| Ubuntu:25.10 | libpdfbox2-java | 2.0.29-1, 0 |
| Ubuntu:24.04:LTS | libpdfbox-java | 1:1.8.16-5, 1:1.8.16-4, 0 |
| Ubuntu:20.04:LTS | libpdfbox-java | 0, 1:1.8.16-2 |
| Ubuntu:22.04:LTS | libpdfbox-java | 0, 1:1.8.16-2 |
| Ubuntu:22.04:LTS | libpdfbox2-java | 2.0.24-2, 2.0.25-1, 2.0.23-1 |
| Ubuntu:20.04:LTS | libpdfbox2-java | 2.0.16-1, 0, 2.0.17-1 |
Timeline
- CVE Published
- Jun 12, 2021 PoC Published
- Jun 13, 2021 EPSS Score
- Jun 14, 2021 EPSS Score
- Jul 21, 2021 EPSS Score
- Aug 14, 2021 EPSS Score
- Oct 13, 2021 EPSS Score
- Oct 21, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 11, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-31811 third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/06/12/2 third-party-advisory
- https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e%40%3Cusers.pdfbox.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/re3bd16f0cc8f1fbda46b06a4b8241cd417f71402809baa81548fc20e@%3Cusers.pdfbox.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rf937c2236e6c79cdb99f76a70690dd345e53dbe0707cb506a202e43e@%3Cannounce.apache.org%3E third-party-advisory
- http://www.openwall.com/lists/oss-security/2021/06/12/2 third-party-advisory
- https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-31811 third-party-advisory