Itext
by Itextpdf
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-9096 | Hig | 0.58 | 8.8 | 0.10 | Nov 8, 2017 | The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF. | ||
| CVE-2023-6299 | 0.00 | — | 0.01 | Nov 26, 2023 | A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.1. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated… | |||
| CVE-2023-6298 | 0.00 | — | 0.01 | Nov 26, 2023 | A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been… |
- risk 0.58cvss 8.8epss 0.10
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
- CVE-2023-6299Nov 26, 2023risk 0.00cvss —epss 0.01
A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.1. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated…
- CVE-2023-6298Nov 26, 2023risk 0.00cvss —epss 0.01
A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been…