Filtered by vendor Podofo Project
Subscriptions
Filtered by product Podofo
Subscriptions
Total
61 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-8002 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
| In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | ||||
| CVE-2018-6352 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
| In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file. | ||||
| CVE-2018-5783 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
| In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file. | ||||
| CVE-2018-5308 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
| PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | ||||
| CVE-2018-5309 | 1 Podofo Project | 1 Podofo | 2024-08-05 | N/A |
| In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. | ||||
| CVE-2019-20093 | 2 Fedoraproject, Podofo Project | 2 Fedora, Podofo | 2024-08-05 | 5.5 Medium |
| The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | ||||
| CVE-2019-10723 | 1 Podofo Project | 1 Podofo | 2024-08-04 | N/A |
| An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. | ||||
| CVE-2019-9687 | 2 Fedoraproject, Podofo Project | 2 Fedora, Podofo | 2024-08-04 | N/A |
| PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | ||||
| CVE-2019-9199 | 2 Fedoraproject, Podofo Project | 2 Fedora, Podofo | 2024-08-04 | N/A |
| PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
| CVE-2020-18971 | 1 Podofo Project | 1 Podofo | 2024-08-04 | 5.5 Medium |
| Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. | ||||
| CVE-2020-18972 | 1 Podofo Project | 1 Podofo | 2024-08-04 | 5.5 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | ||||
| CVE-2021-30469 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. | ||||
| CVE-2021-30472 | 1 Podofo Project | 1 Podofo | 2024-08-03 | 7.8 High |
| A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. | ||||
| CVE-2021-30471 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. | ||||
| CVE-2021-30470 | 3 Fedoraproject, Podofo Project, Redhat | 3 Fedora, Podofo, Enterprise Linux | 2024-08-03 | 5.5 Medium |
| A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. | ||||
| CVE-2023-31556 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 6.5 Medium |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | ||||
| CVE-2023-31568 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | ||||
| CVE-2023-31567 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | ||||
| CVE-2023-31566 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 8.8 High |
| Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | ||||
| CVE-2023-31555 | 1 Podofo Project | 1 Podofo | 2024-08-02 | 6.5 Medium |
| podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. | ||||