VDB
CVE-2021-31812
CVE-2021-31812
PUBLISHED
In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
EPSS 0.23% · 46.0th percentile
Risk Scores
EPSS Score
0.23%
46.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | libpdfbox2-java | 2.0.16-1, 2.0.17-1, 2.0.18-1 |
| Ubuntu:18.04:LTS | libpdfbox2-java | 2.0.8-2, 2.0.8-1, 2.0.7-1 |
| Ubuntu:16.04:LTS | libpdfbox-java | 1:1.8.11+dfsg-1, 0, 1:1.8.7+dfsg-1 |
| Ubuntu:20.04:LTS | libpdfbox-java | 0, 1:1.8.16-2 |
| Ubuntu:24.04:LTS | libpdfbox2-java | 2.0.29-1, 0, 2.0.27-2 |
| Ubuntu:25.10 | libpdfbox-java | 0, * |
| Ubuntu:18.04:LTS | libpdfbox-java | 1:1.8.13-2, 0, * |
| Ubuntu:25.10 | libpdfbox2-java | 0, 2.0.29-1 |
| Ubuntu:24.04:LTS | libpdfbox-java | 1:1.8.16-5, 1:1.8.16-4, 0 |
| Ubuntu:22.04:LTS | libpdfbox-java | 1:1.8.16-2, 0 |
| Ubuntu:22.04:LTS | libpdfbox2-java | 0, 2.0.23-1, 2.0.24-2 |
Timeline
- CVE Published
- Jun 13, 2021 EPSS Score
- Jun 14, 2021 EPSS Score
- Jun 25, 2021 EPSS Score
- Aug 14, 2021 EPSS Score
- Oct 13, 2021 EPSS Score
- Oct 21, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 11, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jun 13, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-31812 third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/06/12/1 third-party-advisory
- https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e%40%3Cusers.pdfbox.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/ra2ab0ce69ce8aaff0773b8c1036438387ce004c2afc6f066626e205e@%3Cusers.pdfbox.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rf251f6c358087107f8c23473468b279d59d50a75db6b4768165c78d3@%3Cannounce.apache.org%3E third-party-advisory
- http://www.openwall.com/lists/oss-security/2021/06/12/1 third-party-advisory
- https://lists.apache.org/thread.html/re0cacd3fb337cdf8469853913ed2b4ddd8f8bfc52ff0ddbe61c1dfba@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r132e9dbbe0ebdc08b39583d8be0a575fdba573d60a42d940228bceff@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r179cc3b6822c167702ab35fe36093d5da4c99af44238c8a754c6860f@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r2090789e4dcc2c87aacbd87d5f18e2d64dcb9f6eb7c47f5cf7d293cb@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rfe26bcaba564deb505c32711ba68df7ec589797dcd96ff3389a8aaba@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/rd4b6db6c3b8ab3c70f1c3bbd725a40920896453ffc2744ade6afd9fb@%3Cnotifications.ofbiz.apache.org%3E third-party-advisory
- https://lists.apache.org/thread.html/r143fd8445e0e778f4a85187bd79438630b96b8040e9401751fdb8aea@%3Ccommits.ofbiz.apache.org%3E third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-31812 third-party-advisory