EUVD-2022-1046

Malicious code in bioql PyPI...

EUVD-2022-0948

Malicious code in bioql PyPI...

CVE-2023-6299

A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.1. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit ha...

CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24197

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

africa.absa:inception-reporting (>=1.0.0 <=1.2.0), africa.absa:inception-reporting-api (>=1.0.0 <=1.2.0) +1448 more potentially affected by CVE-2017-9096 via com.lowagie:itext (>=1.3 <=4.2.2)

com.lowagie:itext MAVEN version =1.3, =1.0.0, =1.0.0, =0.1.0, =2.0.7, =1.0.0, =1.0.7, =5.0.0, =1.0.0, =1.0, =1.0, =1.0, =0.0.1, =0.0.1, =1.1.8, =2.4.0 and more Source cves: CVE-2017-9096 Source advisory: OSV:GHSA-86P9-X5PW-94QX...

Denial Of Service (DoS)

iText is vulnerable to denial of service. The vulnerability exists due to an out-of-memory error via the component readStreamBytesRaw which allows an attacker to crash the system via a maliciously crafted PDF file...

iText XML External Entity Vulnerability

iText is a software development kit that allows users to integrate PDF functionality into their application, process or product. An XML external entity injection vulnerability exists in iText prior to 5.5.12 and version 7.x prior to 7.0.3. The vulnerability arises because the XML parser in iText...