CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Security Bulletin: Vulnerability in iText affects IBM Process Mining . CVE-2022-24196

Summary There is a vulnerability in iText that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-24196 DESCRIPTION: iText is...

club.javafamily:javafamily-utils-all (>=2.3.2-beta.3 <=2.3.2-beta.4), club.javafamily:javafamily-utils-pdf-itext (>=2.3.2-beta.3 <=2.3.2-beta.4) +214 more potentially affected by CVE-2022-24196 via com.itextpdf:itext7-core (>=7.0.4 <=7.1.16)

com.itextpdf:itext7-core MAVEN version =7.0.4, =2.3.2-beta.3, =2.3.2-beta.3, =1.6.0, =0.0.30, =0.1, =1.0, =1.0, =1.0, =1.1 - com.houkunlin.easypoi:easypoi-base =5.0.2 - com.houkunlin.easypoi:easypoi-spring-boot-starter =5.0.2 - com.houkunlin.easypoi:easypoi-web =5.0.2 -...

CVE-2022-24196

creationtimestamp| type| source ---|---|--- 2022-02-01 22:26:46+00:00| seen| https://t.me/cibsecurity/36659...

CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24196

CVE-2022-24196 affects iText Java PDF library versions up to (but not including) 7.1.18 and 7.2.2, with the root cause in the readStreamBytesRaw component. This creates an out-of-memory condition that can be exploited by a crafted PDF to cause a Denial of Service. Public sources identify vulnerab...