itextsharp vulnerabilities

PLEASE NOTE: iTextSharp is EOL, and has been replaced by iText 7. Only security fixes will be added We HIGHLY recommend customers use iText 7 for new projects, and to consider moving existing projects from iTextSharp to iText 7 to benefit from the many improvements such as: * HTML to PDF (PDF/UA) conversion * PDF Redaction * SVG support * Better language support (Indic, Thai, Khmer, Arabic, Hebrew) * PDF Debugging for your IDE * Data Extraction * Better continued support and bugfixes * More modular, extensible handling of your document workflow * Extra practical add-ons * Encryption, hashing and digital signatures iText is a PDF library that allows you to CREATE, ADAPT, INSPECT and MAINTAIN documents in the Portable Document Format (PDF), allowing you to add PDF functionality to your software projects with ease. We even have documentation to help you get coding. iText 7 is available under AGPL and Commercial license. iText 7 community: https://www.nuget.org/packages/itext7/ iText 7 is a complete re-write of iText 5, allowing you to choose your adventure with add-ons, all based on a simple, modular code structure that is easy to use and well documented. iText 7 includes pdfDebug, the first debugging tool that gives you a clear overview of your content streams and document structure as well as pdfCalligraph, allowing you to leverage advanced typography. Several iText engineers are actively supporting the project on StackOverflow: http://stackoverflow.com/questions/tagged/itext

Latest version: 5.5.13.1

Licenses detected

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the itextsharp package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • M
Insufficient Signature Validation
[,5.5.13.1) Not available 09 Jan, 2020
  • M
Denial of Service (DoS)
[,5.5.13.1) Not available 09 Jan, 2020
  • H
XML External Entity (XXE) Injection
[,5.5.12) Not available 08 Jan, 2020