Package impact
Maven / com.itextpdf:itextpdf
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2017-9096 | high | 8.8 | 8.8 | 9y ago | Improper Restriction of XML External Entity Reference in iText | |
| CVE-2021-43113 | unknown | — | — | 5y ago | iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java. |