cxf-core-3.3.10.jar vulnerability

Issue date: 21-09-2021
Affects versions: 14.6, 13.4, 12.6

Security Issue ID

SECURITY-248

Affected Product Version(s)

12.6.16, 13.4.9, 14.6.0 and previous releases.

Severity

medium

Description

CVE-2021-31811

In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.

NVD-CWE-Other

CVSSv2:

Base Score: MEDIUM (4.3)
Vector: /AV:N/AC:M/Au:N/C:N/I:N/A

CVSSv3:

Base Score: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Referenced In Projects/Scopes:

Repository workflow implementations:compile
Hippo Package CMS Dependencies:compile
BrX SaaS API Token Management Rest:compile
Hippo Site Toolkit Test:compile
Enterprise Package CMS Dependencies:compile
Bloomreach Experience System Tests Feaures:compile
Brx SaaS End-to-end Tests:compile
Hippo Site Toolkit CMS Dependencies:compile
BrX Site Management API:compile
Repository Servlets:compile
Repository Test:compile
Hippo Site Toolkit Client Module Page Composer:compile
Enterprise Repository Engine:compile
Hippo Site Toolkit Addon Resources to the Repository:compile
BrX Content Types Management API:compile
BrX SaaS CMS:compile
Hippo Content Feed Addon Source Frontend:compile
Repository Dependencies:compile
Bloomreach Experience System Tests CMS:compile
Hippo Workflow Process Management Addon Repository CMS:compile
Starter Store Addon CMS:compile
Hippo Test Suite CMS Dependencies:compile
Starter Store B2B Addon Dependencies for CMS:compile
BrX SaaS Integration Tests:compile
Hippo CMS7 Services - webfiles:compile
BrX SaaS Repository Data QA Application:compile
Starter Store B2B Addon CMS:compile
Starter Store Addon Dependencies for CMS:compile
Hippo Dependencies Platform Package:compile
Hippo Workflow Process Management Addon CMS Dependencies:compile
Repository Tika Config Provider:compile
Hippo Site Toolkit Platform Component:compile
Hippo Test Suite CMS:compile
Hippo Content Feed Addon Source Engine:compile
BrX SaaS CMS Dependencies:compile
Enterprise Package Platform Dependencies:compile
Hippo Workflow Process Management Addon Frontend Project Perspective:compile
BrX Management APIs Common:compile
Hippo Site Toolkit Platform Dependencies:compile
Repository Engine:compile

Instructions

Customers using the 12.x, 13.x and 14.x major versions are recommended to upgrade to the latest version in that series.

Content Application

Channels

Projects

Relevance

Architecture

Concepts

Platform Configuration

Frontend Integration

Backend Development

Commerce Accelerator

Cloud Deployment (PaaS)

On-Premise Deployment

Security

Release Management

Platform Development

Bloomreach Documentation version

cxf-core-3.3.10.jar vulnerability