CVE-2022-24197

Source
https://cve.org/CVERecord?id=CVE-2022-24197
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24197.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-24197
Aliases
Published
2022-02-01T00:00:00Z
Modified
2026-07-08T06:01:53.301166250Z
Summary
[none]
Details

iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/24xxx/CVE-2022-24197.json",
    "cna_assigner": "mitre"
}
References

Affected packages

Git / github.com/itext/itext-java

Affected ranges

Type
GIT
Repo
https://github.com/itext/itext-java
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Affected versions

7.*
7.0.0
7.0.0-RC.20160201
7.0.0-RC.20160321
7.0.0-RC.20160406
7.0.1
7.0.2
7.0.3
7.0.4
7.0.5
7.1.0
7.1.1
7.1.10
7.1.11
7.1.12
7.1.13
7.1.14
7.1.15
7.1.16
7.1.17
7.1.2
7.1.3
7.1.4
7.1.5
7.1.6
7.1.7
7.1.8
7.1.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24197.json"