Linux Distros Unpatched Vulnerability : CVE-2021-43113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iTextPDF in iText 7 and up to excluding 4.4.13.3 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs aka Ghostscript command...

iText 缓冲区错误漏洞

iText is an open source library for creating and manipulating PDF files in Java. It is written by Bruno Lowagie, Paulo Soares and others. A buffer error vulnerability exists in iText that stems from the iText v7.1.17 component readStreamBytesRaw contains an out-of-memory error that can be exploit...

CVE-2022-24198

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service DoS via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable...

iText command injection vulnerability

iText is an open source library for creating and manipulating PDF files in Java. It is written by Bruno Lowagie, Paulo Soares and others. iText in the version before 7.1.17 there is a command injection vulnerability, the vulnerability stems from the user input construct to execute the command...