Lucene search

K
Podofo ProjectPodofo

62 matches found

CVE
CVE
added 2017/03/16 3:59 p.m.49 views

CVE-2015-8981

Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size.

9.8CVSS9.6AI score0.00308EPSS
CVE
CVE
added 2017/03/15 2:59 p.m.49 views

CVE-2017-6841

The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

5.5CVSS5.3AI score0.00101EPSS
CVE
CVE
added 2017/03/15 2:59 p.m.49 views

CVE-2017-6842

The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.

5.5CVSS6.6AI score0.00101EPSS
CVE
CVE
added 2021/08/25 4:15 p.m.42 views

CVE-2020-18971

Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.

5.5CVSS5.4AI score0.00102EPSS
CVE
CVE
added 2023/04/22 4:15 p.m.41 views

CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the ...

7.8CVSS6.4AI score0.00046EPSS
CVE
CVE
added 2021/08/25 4:15 p.m.40 views

CVE-2020-18972

Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.

5.5CVSS5.1AI score0.00167EPSS
CVE
CVE
added 2023/05/10 4:15 p.m.40 views

CVE-2023-31556

podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.

8.8CVSS6.3AI score0.00094EPSS
CVE
CVE
added 2023/05/10 4:15 p.m.40 views

CVE-2023-31567

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.

8.8CVSS8.8AI score0.00132EPSS
CVE
CVE
added 2023/05/10 4:15 p.m.36 views

CVE-2023-31566

Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().

8.8CVSS8.6AI score0.00107EPSS
CVE
CVE
added 2023/05/10 4:15 p.m.35 views

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.

8.8CVSS8.9AI score0.00159EPSS
CVE
CVE
added 2023/05/10 4:15 p.m.30 views

CVE-2023-31555

podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.

6.5CVSS6.3AI score0.0009EPSS
CVE
CVE
added 2025/08/24 4:15 p.m.10 views

CVE-2025-9394

A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. T...

5.5CVSS5.2AI score0.00034EPSS
Total number of security vulnerabilities62