Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-8c9h-4q7g-fp7h

Опубликовано: 02 фев. 2022
Источник: github
Github: Прошло ревью
CVSS3: 6.5

Описание

Out-of-bounds Read in iText

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable.

Ссылки

Пакеты

Наименование

com.itextpdf:itext7-core

maven
Затронутые версииВерсия исправления

<= 7.1.17

7.2.0

EPSS

Процентиль: 51%
0.00284
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-24198

Дефекты

CWE-125

Связанные уязвимости

nvd логотип

CVE-2022-24198

CVSS3: 6.5
nvd
около 4 лет назад

iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable.

EPSS

Процентиль: 51%
0.00284
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-24198

Дефекты

CWE-125