Debian Libitext5-Java vulnerabilities

CVE-2021-43113 [CRITICAL] CVE-2021-43113: libitext5-java - iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injecti... iTextPDF in iText 7 and up to (excluding 4.4.13.3) 7.1.17 allows command injection via a CompareTool filename that is mishandled on the gs (aka Ghostscript) command line in GhostscriptHelper.java. Scope: local bookworm: resolved (fixed in 5.5.13.3-1) bullseye: resolved (fixed in 5.5.13.2-1+deb11u1) forky: resolved (fixed in 5.5.13.3-1) sid: resolved (fixe

CVE-2021-37819 [HIGH] CVE-2021-37819: libitext-java - PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop via the co... PDF Labs pdftk-java v3.2.3 was discovered to contain an infinite loop via the component /text/pdf/PdfReader.java. Scope: local bookworm: open bullseye: open forky: resolved (fixed in 2.1.7-16) sid: resolved (fixed in 2.1.7-16) trixie: resolved (fixed in 2.1.7-16)