GHSA-C32G-2MGR-CFQ7 Out-of-bounds Write in iText

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Out-of-bounds Read in iText

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service DoS via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable...

GHSA-HHH6-CM2M-3FHC Allocation of Resources Without Limits or Throttling in iText

iText v7.1.17 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Allocation of Resources Without Limits or Throttling in iText

iText v7.1.17 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24198

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service DoS via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable...

CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24197

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24197

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Stack overflow

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

Out-of-bounds

DISPUTED iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service DoS via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable...

Design/Logic Flaw

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24198

iText 7.1.17 contains an out-of-bounds condition in ARCFOUREncryption.encryptARCFOUR that can cause a Denial of Service when processing a crafted PDF. This aligns with CVE-2022-24198. Multiple connected sources corroborate the component and payload (ARCFOUREncryption.encryptARCFOUR; crafted PDF)....

CVE-2022-24197

CVE-2022-24197 affects iText 7.1.17, where a stack-based buffer overflow in ByteBuffer.append during PDF parsing can cause a Denial of Service. A fix is available in iText 7.1.18; organizations should upgrade to 7.1.18 to mitigate.

CVE-2022-24196

iText v7.1.17, up to exluding": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...

CVE-2022-24197

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service DoS via a crafted PDF file...