IronPDF - Security CVE
Please see information below regarding IronPDF:
- All Iron Software products are DigiCert certified
- IronPDF does not use web services nor send data across the internet
- No COM or COM+ interfaces are exposed in the IronPdf.dll
- The library is written in C# which protects implicitly from many common attack vectors
- As few entry points as possible to our API are exposed
- Strong naming and sophisticated tamper protection
- Regularly scanned with multiple anti-virus/anti-malware scanners, using highest security and heuristic search for potential threats
- Every line of code goes though at least two levels of human review by senior engineers to check for security vulnerabilities
- We will disclose that the software will access un-managed (C++) code:
pdfium.dll - which is used in internal operations. No direct executable entry point to this DLL is distributed nor exposed.
