7 matches found
SUSE SLES15 Security Update : podofo (SUSE-SU-2026:2309-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:2309-1 advisory. This update for podofo fixes the following issue: - CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp...
libpodofo-devel-1.1.0-1.1 on GA media (moderate)
libpodofo-devel-1.1.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10970-1 Rating: moderate Cross-References: CVE-2026-44348 CVSS scores: CVE-2026-44348 SUSE : 2.5 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2026-44348 SUSE : 2...
Security update for podofo
This update for podofo fixes the following issue: CVE-2026-44348: double-free in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp bsc1265320. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
Fedora 43 : podofo (2026-19873e3fac)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-19873e3fac advisory. Update to podof-1.0.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Fedora 44 : podofo (2026-5c81faa7bf)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5c81faa7bf advisory. Update to podof-1.0.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
Linux Distros Unpatched Vulnerability : CVE-2026-44348
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in computehashtosign in...
SUSE CVE-2026-44348
PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in computehashtosign in src/podofo/private/OpenSSLInternalRipped.cpp. If EVPDigestFinal fails after buf has already been freed, the Error label frees buf a second time, causing heap...