Vulnerability Database

296,733

Total vulnerabilities in the database

CVE-2021-31812

In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

Published: Jun 12, 2021
Updated: Nov 8, 2023
CVE: CVE-2021-31812
GHSA: GHSA-7grw-6pjh-jpc9
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

CWEs:

Affected Software
References

Software	From	Fixed in
apache / pdfbox	2.0.0	2.0.23.x
fedoraproject / fedora	33	33.x
fedoraproject / fedora	34	34.x
oracle / banking_credit_facilities_process_management	14.3.0	14.3.0.x
oracle / banking_corporate_lending_process_management	14.3.0	14.3.0.x
oracle / communications_messaging_server	8.1	8.1.x
oracle / banking_supply_chain_finance	14.2.0	14.2.0.x
oracle / banking_credit_facilities_process_management	14.2.0	14.2.0.x
oracle / banking_credit_facilities_process_management	14.5.0	14.5.0.x
oracle / banking_corporate_lending_process_management	14.2.0	14.2.0.x
oracle / banking_corporate_lending_process_management	14.5.0	14.5.0.x
oracle / banking_supply_chain_finance	14.5.0	14.5.0.x
oracle / banking_supply_chain_finance	14.3.0	14.3.0.x
oracle / retail_customer_management_and_segmentation_foundation	18.1	18.1.x
org.apache.pdfbox / pdfbox	2.0.0	2.0.24
org.apache.pdfbox / pdfbox-parent	2.0.0	2.0.24

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime