vulnerability

Ubuntu: (CVE-2018-8036): libpdfbox-java vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:N/A:P)	Jul 3, 2018	Nov 19, 2024	Jun 26, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:N/A:P)

Published

Jul 3, 2018

Added

Nov 19, 2024

Modified

Jun 26, 2025

Description

In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.

Solution(s)

no-fix-ubuntu-packageubuntu-upgrade-libpdfbox-javaubuntu-upgrade-libpdfbox2-java

References

CVE-2018-8036
https://attackerkb.com/topics/CVE-2018-8036
URL-http://www.openwall.com/lists/oss-security/2018/06/29/2
URL-https://lists.apache.org/thread.html/9f62f742fd4fcd81654a9533b8a71349b064250840592bcd502dcfb6@%3Cusers.pdfbox.apache.org%3E
URL-https://www.cve.org/CVERecord?id=CVE-2018-8036

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today