16 matches found
EUVD-2019-19053
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-30471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stac...
Linux Distros Unpatched Vulnerability : CVE-2017-7994
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service NULL pointer dereference an...
Linux Distros Unpatched Vulnerability : CVE-2017-8053
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp)...
Linux Distros Unpatched Vulnerability : CVE-2017-8787
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a...
Linux Distros Unpatched Vulnerability : CVE-2017-7381
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafte...
Linux Distros Unpatched Vulnerability : CVE-2018-5295
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could...
SUSE CVE-2017-6841
The GraphicsStack::TGraphicsStackElement::TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file...
PT-2019-16091 · Podofo +3
Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.6 Description: The issue allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. This is due to the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h, which is affected by co...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds. Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file. Remediation There is no fixed version fo...
PT-2018-11515 · Podofo +4
Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.6-rc1 Description: A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey function could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. Recommendations: For PoDo...
Resource Management Errors
Overview Affected versions of this package are vulnerable to Resource Management Errors. An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds. In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read. In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other...
PoDoFo Denial of Service Vulnerability (CNVD-2017-04560)
PoDoFo is an open source library, written in C++, for working with the PDF file format. A denial of service vulnerability exists in the doc/PdfPage.cpp:609:23 code in PoDoFo version 0.9.5 that allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted...
PT-2017-17369 · Podofo +2
Name of the Vulnerable Software and Affected Versions: PoDoFo version 0.9.5 Description: The issue allows remote attackers to cause a denial of service via a crafted file, specifically through a NULL pointer dereference in the ColorChanger::GetColorFromStack function in colorchanger.cpp...