iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. NOTE: Vendor does not view this as a vulnerability and has not found it to be exploitable.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| com.itextpdf:itext7-core(Maven) | 0 | 7.2.0 | N/A |
CVSS Metrics
