Itext Security Vulnerabilities and Issues — Itext CVE List

Lucene search

ItextpdfItext

5 matches found

CVE•added 2022/02/01 8:15 p.m.•74 views

CVE-2022-24197

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

6.5CVSS6.4AI score0.00148EPSS

CVE•added 2022/02/01 8:15 p.m.•69 views

CVE-2022-24196

iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

6.5CVSS6.2AI score0.00151EPSS

CVE•added 2022/02/01 8:15 p.m.•65 views

CVE-2022-24198

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable.

6.5CVSS6.3AI score0.0038EPSS

CVE•added 2023/11/26 11:15 p.m.•48 views

CVE-2023-6299

A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.1. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated remotely. The exploit has ...

6.5CVSS5.4AI score0.00063EPSS

CVE•added 2023/11/26 11:15 p.m.•38 views

CVE-2023-6298

A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been disclosed to the public and ...

6.5CVSS5.3AI score0.00051EPSS