com.lowagie:itext (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package com.lowagie:itext, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (1)
CVE-2017-9096 — CVSS 8.8 (high): The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct…