2 matches found
UBUNTU-CVE-2025-46205
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...
Linux Distros Unpatched Vulnerability : CVE-2023-31567
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. CVE-2023-31567 Note that Nessus reli...