EUVD-2023-35869

Malicious code in bioql PyPI...

Denial Of Services (DoS)

libpodofo.so is vulnerable to Denial of Service DoS. This vulnerability exists because it does not properly manage heap buffer overflow s in :PdfEncryptRC4 which allows an attacker to cause an application crash...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the PdfEncryptRC4 function in PdfEncrypt.cpp. Remediation Upgrade podofo to version 0.10.4 or higher. References - GitHub Commit - GitHub Issue...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

Heap overflow

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4...

PoDoFo 缓冲区错误漏洞

PoDoFo is a free portable C++ library open-sourced by PoDoFo. PoDoFo version 0.10.0 suffers from a buffer overflow vulnerability that originates from the function PoDoFo::PdfEncryptRC4::PdfEncryptRC4 contains a heap buffer overflow. An attacker can exploit the vulnerability to run arbitrary code ...