Vulnerabilities > Itextpdf > Itext > 7.1.17

DATE CVE VULNERABILITY TITLE RISK
2022-02-01 CVE-2022-24196 Allocation of Resources Without Limits or Throttling vulnerability in Itextpdf Itext
iText v7.1.17, up to (exluding)": 7.1.18 and 7.2.2 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
network
low complexity
itextpdf CWE-770
6.5
6.5
2022-02-01 CVE-2022-24197 Out-of-bounds Write vulnerability in Itextpdf Itext
iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
network
low complexity
itextpdf CWE-787
6.5
6.5
2022-02-01 CVE-2022-24198 Out-of-bounds Read vulnerability in Itextpdf Itext 7.1.17
iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
network
low complexity
itextpdf CWE-125
6.5
6.5