VYPR

Itext

by Itextpdf

CVEs (3)

  • CVE-2017-9096HigNov 8, 2017
    risk 0.58cvss 8.8epss 0.10

    The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.

  • CVE-2023-6299Nov 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability, which was classified as problematic, has been found in Apryse iText 8.0.1. This issue affects some unknown processing of the file PdfDocument.java of the component Reference Table Handler. The manipulation leads to memory leak. The attack may be initiated…

  • CVE-2023-6298Nov 26, 2023
    risk 0.00cvss epss 0.01

    A vulnerability classified as problematic was found in Apryse iText 8.0.2. This vulnerability affects the function main of the file PdfDocument.java. The manipulation leads to improper validation of array index. The attack can be initiated remotely. The exploit has been…