iTextPDF iText 7.0.0

CPE Details

iTextPDF iText 7.0.0
itextpdf
itext
7.0.0
2019-08-02
14h32 +00:00
2019-08-02
14h32 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:itextpdf:itext:7.0.0:*:*:*:*:*:*:*

Informations

Vendor

itextpdf

Product

itext

Version

7.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-24196 2022-01-31 23h00 +00:00 iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
6.5
Medium
CVE-2022-24197 2022-01-31 23h00 +00:00 iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
6.5
Medium
CVE-2021-43113 2021-12-14 23h00 +00:00 iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java.
9.8
Critical
CVE-2017-9096 2017-11-08 15h00 +00:00 The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
8.8
High