1 org.apache.pdfbox:pdfbox vulnerability found in modules/pom.xml on 17 Oct 2018
Remediation
Upgrade org.apache.pdfbox:pdfbox to version 2.0.12 or later. For example:
<dependency>
  <groupId>org.apache.pdfbox</groupId>
  <artifactId>pdfbox</artifactId>
  <version>[2.0.12,)</version>
</dependency>
Always verify the validity and compatibility of suggestions with your codebase.
Details
CVE-2018-11797
high severity
Vulnerable versions: >= 2.0.0, < 2.0.12
Patched version: 2.0.12
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
as per security alert raised automatically
https://github.com/incodehq/incode-platform/network/alert/modules/pom.xml/org.apache.pdfbox:pdfbox/open