Vulnerabilities

CVE-2019-0228

by Fred · 17/04/2019

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

Date published : 2019-04-17

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HKVPTJWZGUB4MH4AAOWMRJHRDBYFHGJ/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/POPOGHJ5CVMUVCRQU7APBAN5IVZGZFDX/

Similar

Tags: Cybersecurity Alert