Lucene search
Veracode Vulnerability DatabaseVERACODE:33377HistoryDec 17, 2021 - 4:24 a.m.
Command Injection
2021-12-1704:24:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
vulnerability
command injection
software
mishandled filename
ghostscripthelper.java
EPSS
0.003
Percentile
71.9%
com.itextpdf:io is vulnerable to command injection. An attacker is able to inject and execute malicious commands on vulnerable systems due to a mishandled CompareTool filename on the ghostscript command line in GhostscriptHelper.java.
Related
debian
debian
[SECURITY] [DSA 5323-1] libitext5-java security update
2023-01-19 22:43:13
[SECURITY] [DLA 3273-1] libitext5-java security update
2023-01-18 22:01:38
osv
osv
CVE-2021-43113
2021-12-15 07:15:07
libitext5-java - security update
2023-01-19 00:00:00
libitext5-java - security update
2023-01-18 00:00:00
ubuntucve
ubuntucve
CVE-2021-43113
2021-12-15 00:00:00
nessus
nessus
Debian DSA-5323-1 : libitext5-java - security update
2023-01-20 00:00:00
Debian DLA-3273-1 : libitext5-java - LTS security update
2023-01-20 00:00:00
prion
prion
Command injection
2021-12-15 07:15:00
cnvd
cnvd
iText command injection vulnerability
2021-12-19 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-5323-1)
2023-01-21 00:00:00
Debian: Security Advisory (DLA-3273-1)
2023-01-19 00:00:00
cvelist
cvelist
CVE-2021-43113
2021-12-15 00:00:00
debiancve
debiancve
CVE-2021-43113
2021-12-15 07:15:07
github
github
Command injection in itext7-core
2021-12-16 00:02:15
nvd
nvd
CVE-2021-43113
2021-12-15 07:15:07
cve
cve
CVE-2021-43113
2021-12-15 07:15:07
qualysblog
qualysblog
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00