IronPDF Security and CVE Information
Please see information below regarding IronPDF:
- All Iron Software products are DigiCert certified.
- IronPDF does not use web services nor send data across the internet.
- No COM or COM+ interfaces are exposed in the IronPdf.dll.
- The library is written in C# which protects implicitly from many common attack vectors.
- As few entry points as possible to our API are exposed.
- Strong naming and sophisticated tamper protection.
- Regularly scanned with multiple anti-virus/anti-malware scanners, using highest security and heuristic search for potential threats.
- Every line of code goes through at least two levels of human review by senior engineers to check for security vulnerabilities.
- We disclose that the software will access unmanaged (C++) code including Google PDFIUM, Google CEF, and proprietary code.