20 matches found
EUVD-2018-4934
Malware in sbrugna...
EUVD-2021-17395
Malware in sbrugna...
EUVD-2023-35867
Malicious code in bioql PyPI...
openSUSE Security Advisory (SUSE-SU-2024:2281-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : podofo (SUSE-SU-2024:2287-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2287-1 advisory. - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of...
SUSE-SU-2024:2287-1 Security update for podofo
This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720 - Drop unused backup sources to clean up the compile env bsc1213720...
SUSE SLES15 / openSUSE 15 Security Update : podofo (SUSE-SU-2024:2281-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2281-1 advisory. - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream...
PT-2024-40997 · Podofo · Podofo
Name of the Vulnerable Software and Affected Versions: podofo affected versions not specified Description: The issue concerns the validation of encrypt dictionary parameters in PdfEncrypt and the handling of invalid XRef stream entries in PdfXRefStreamParserObject. Additionally, there is a cleanu...
SUSE-SU-2024:2281-1 Security update for podofo
This update for podofo fixes the following issues: - PdfEncrypt: Validate more encrypt dictionary parameters bsc1213720 - PdfXRefStreamParserObject: Fixed handling of invalid XRef stream entries bsc1213720...
Use After Free
Overview Affected versions of this package are vulnerable to Use After Free in the IsMetadataEncrypted function in PdfEncrypt. Remediation Upgrade podofo to version 0.10.4 or higher. References - GitHub Commit - GitHub Issue...
SUSE CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
Heap overflow
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
UBUNTU-CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
CVE-2023-31566
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted...
PoDoFo Stack Buffer Overflow Vulnerability
PoDoFo is a free, portable and easy to use PDF parsing, modification and creation library. A stack buffer overflow vulnerability exists in the PdfEncrypt::ComputeOwnerKey function in PdfEncrypt.cpp in PoDoFo version 0.9.7. The vulnerability stems from improper checking of the keyLength value. No...
Sourceforge PoDoFo 缓冲区错误漏洞
PoDoFo is a free, portable and easy to use PDF parsing, modification and creation library. A stack buffer overflow vulnerability exists in the PdfEncrypt::ComputeOwnerKey function in PdfEncrypt.cpp in PoDoFo version 0.9.7. The vulnerability stems from improper checking of the keyLength value. No...