CVE-2022-24197
Description
A stack-based buffer overflow in iText v7.1.17's ByteBuffer.append allows denial of service via a crafted PDF file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
iText v7.1.17 contains a stack-based buffer overflow in the ByteBuffer.append component. An attacker can trigger this vulnerability by providing a specially crafted PDF file that causes the buffer to overflow, leading to a crash. [1]
Exploitation
The attacker needs to deliver a malicious PDF file to a user or application that processes PDFs using iText v7.1.17. No authentication or special privileges are required; the victim only needs to open or parse the crafted PDF. [1]
Impact
Successful exploitation results in a denial of service (DoS) condition, causing the application to crash. The vulnerability does not appear to allow code execution or data exfiltration based on available information. [1]
Mitigation
As of the publication date (2022-02-01), no official patch has been released for iText v7.1.17. Users should monitor the iText project for updates and consider upgrading to a fixed version when available. Until then, avoid processing untrusted PDF files. [1]
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| com.itextpdf:itext7-core (Maven) | < 7.1.18 | 7.1.18 |
Affected products
- iText / iText
Patches
No patches discovered yet.
Vulnerability mechanics
Root cause
"Stack-based buffer overflow in ByteBuffer.append (line 110) caused by recursive parsing of a crafted PDF, leading to a StackOverflowError."
Attack vector
An attacker provides a specially crafted PDF file that, when parsed by iText v7.1.17, triggers a stack overflow in `ByteBuffer.append` (line 110) [CWE-787][ref_id=1]. The overflow propagates through the tokenizer and reader call chain, ultimately causing a `StackOverflowError` and a Denial of Service [ref_id=1][ref_id=2]. No authentication or special network access is required; the attacker only needs to deliver the malicious PDF to a target application that uses iText to process it.
Affected code
The vulnerability is triggered in `com.itextpdf.io.source.ByteBuffer.append` at line 110, which leads to a `StackOverflowError` through a deep call chain involving `PdfTokenizer.getStringValue`, `PdfTokenizer.nextToken`, `PdfTokenizer.nextValidToken`, and various `PdfReader` methods such as `readObject`, `readDictionary`, `readArray`, and `readReference` [ref_id=1][ref_id=2]. The crash originates from parsing a crafted PDF file.
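The call chain above ends in a `StackOverflowError`, a resource-exhaustion failure in the parsing thread rather than memory corruption, so until the dependency is upgraded the practical defence is to keep that failure from taking the host process down. The following is an added example written for this page, not code from iText or from the advisory. It assumes `itext7-core` is on the classpath and uses only the public `PdfReader` / `PdfDocument` API; the worker stack size, the timeout, the `Outcome` names and the choice of `getNumberOfPages()` as the call that makes the reader walk the object tree are illustrative assumptions.

```java
import com.itextpdf.kernel.pdf.PdfDocument;
import com.itextpdf.kernel.pdf.PdfReader;

import java.io.ByteArrayInputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

/**
 * Added example (not iText project code): parse an untrusted PDF on an isolated
 * worker thread so that a parser crash such as the StackOverflowError behind
 * CVE-2022-24197 is reported as a result instead of killing the caller.
 */
public final class IsolatedPdfParse {
    // Illustrative values: a bounded worker stack and a hard wall-clock limit.
    // The JDK documents the Thread stackSize argument as a platform-dependent hint.
    private static final long WORKER_STACK_BYTES = 4L * 1024 * 1024;
    private static final long TIMEOUT_SECONDS = 10;

    public enum Outcome { OK, MALFORMED, RESOURCE_EXHAUSTION, TIMEOUT }

    public static Outcome parse(byte[] untrustedPdf) throws InterruptedException {
        // A dedicated thread gives the parser its own stack; a StackOverflowError
        // raised there unwinds only that thread.
        ThreadFactory factory = r -> {
            Thread t = new Thread(null, r, "pdf-parse-worker", WORKER_STACK_BYTES);
            t.setDaemon(true); // do not keep the JVM alive if the parser never returns
            return t;
        };
        ExecutorService exec = Executors.newSingleThreadExecutor(factory);
        try {
            Future<Outcome> result = exec.submit(() -> {
                try (PdfDocument doc = new PdfDocument(
                        new PdfReader(new ByteArrayInputStream(untrustedPdf)))) {
                    doc.getNumberOfPages(); // assumption: forces the reader through the object tree
                    return Outcome.OK;
                } catch (StackOverflowError e) {
                    // Deep recursion in the tokenizer/reader chain (the CVE's failure mode).
                    return Outcome.RESOURCE_EXHAUSTION;
                } catch (Exception e) {
                    // Ordinary parse errors: bad xref, truncated objects, unsupported features.
                    return Outcome.MALFORMED;
                }
            });
            return result.get(TIMEOUT_SECONDS, TimeUnit.SECONDS);
        } catch (TimeoutException e) {
            return Outcome.TIMEOUT;
        } catch (ExecutionException e) {
            // Any other Error escaping the worker (e.g. OutOfMemoryError) lands here.
            return Outcome.RESOURCE_EXHAUSTION;
        } finally {
            // shutdownNow() interrupts the worker; iText may not honour the interrupt,
            // which is why the thread is a daemon and the caller still gets an answer.
            exec.shutdownNow();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] bytes = Files.readAllBytes(Paths.get(args[0]));
        System.out.println("parse outcome: " + parse(bytes));
    }
}
```

This is containment, not a fix: a `RESOURCE_EXHAUSTION` or `TIMEOUT` outcome for a file from an untrusted source is a signal worth logging and alerting on, but the remediation that actually removes the crash is moving the `com.itextpdf:itext7-core` dependency to the patched version listed in the table above.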
What the fix does
No patch is included in the bundle. The researchers reported the bug via a GitHub pull request (#78) but stated they lacked the contextual knowledge to thoroughly fix it and looked forward to a proposed plan from the developers [ref_id=1][ref_id=2]. The advisory does not specify any remediation guidance or indicate whether a fix has been published.
Preconditions
- Input: The target application must use iText v7.1.17 to parse a PDF file supplied by the attacker.
- Network: No authentication or special network privileges are required; the attacker only needs to deliver the crafted PDF.
Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.