EPSS Percentile: 71.9%
com.itextpdf:io is vulnerable to command injection. An attacker is able to inject and execute malicious commands on vulnerable systems because a CompareTool filename is mishandled on the ghostscript command line in GhostscriptHelper.java.
github.com/itext/itext7/commit/340d769934219369c5f8045fc6244da867d37c68
github.com/itext/itext7/releases/tag/7.1.17
pastebin.com/BXnkY9YY