Release iText Core 7.1.18
Release date: December 16, 2022
The iText 7 Core 7.1.18 release is a maintenance release for iText 7.1.x which includes some recent CVE mitigations and backports from 7.2.x releases.
It addresses two CVE issues (CVE-2022-24196, CVE-2022-24197) which were fixed in the release of iText 7 Core 7.2.2. In addition, we've also backported a fix from our 7.2.1 release which fixes improper nesting of canvas operators when converting SVG to PDF by supporting q/Q Operators inside BT/ET text blocks and objects.
Also included with this release are new versions of our pdfSweep and pdfXFA add-ons which are compatible with iText 7.1.18. See the release pages linked below for more details.
iText 7 Suite Releases
Downloads:
| GitHub | Maven | NuGet | Artifactory | |
|---|---|---|---|---|
| iText 7 Core – 7.1.18 (Java) | link | link | N/A | link |
| iText 7 Core – 7.1.18 (.NET) | link | N/A | link | link |
Bugs
- CVE fixes
- CVE-2022-24196 - out-of-memory error via the component readStreamBytesRaw
- CVE-2022-24197 - stack-based buffer overflow via the component ByteBuffer.append
- SVG. Support of q/Q Operators inside BT/ET text block/object
eBooks
- Best iText 7 Questions on StackOverflow
- iText 7: Building Blocks
- iText 7: Jump-Start Tutorial for .NET
- iText 7: Jump-Start Tutorial for Java