Severity

Medium

Analysis Summary

CVE-2021-27906

Apache PDFBox is vulnerable to a denial of service, caused by an OutOfMemory-Exception flaw. By persuading a victim to open a specially-crafted .PDF file, a remote attacker could exploit this vulnerability to cause the application to crash.

Impact

Denial of service

Affected Vendors

Apache

Affected Products

Apache PDFBox 2.0.21

Remediation

Upgrade to the latest version of PDFBox (2.0.22 or later).