Itext Security Vulnerabilities - CVSS Score 9 - 10

cve

CVE-2021-43113

iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java.

9.8CVSS

9.3AI Score

0.003EPSS

2021-12-15 07:15 AM