5 matches found
Security Bulletin: Vulnerability in iText affects IBM Process Mining . CVE-2022-24197
Summary There is a vulnerability in iText that could allow a remote attacker to execute a denial of service. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2022-24197 DESCRIPTION: iText is...
club.javafamily:javafamily-utils-all (>=2.3.2-beta.3 <=2.3.2-beta.4), club.javafamily:javafamily-utils-pdf-itext (>=2.3.2-beta.3 <=2.3.2-beta.4) +214 more potentially affected by CVE-2022-24197 via com.itextpdf:itext7-core (>=7.0.4 <=7.1.16)
com.itextpdf:itext7-core MAVEN version =7.0.4, =2.3.2-beta.3, =2.3.2-beta.3, =1.6.0, =0.0.30, =0.1, =1.0, =1.0, =1.0, =1.1 - com.houkunlin.easypoi:easypoi-base =5.0.2 - com.houkunlin.easypoi:easypoi-spring-boot-starter =5.0.2 - com.houkunlin.easypoi:easypoi-web =5.0.2 -...
CVE-2022-24197
creationtimestamp| type| source ---|---|--- 2022-02-01 22:26:53+00:00| seen| https://t.me/cibsecurity/36663...
CVE-2022-24197
iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...
CVE-2022-24197
CVE-2022-24197 affects iText 7.1.17, where a stack-based buffer overflow in ByteBuffer.append during PDF parsing can cause a Denial of Service. A fix is available in iText 7.1.18; organizations should upgrade to 7.1.18 to mitigate.