Podofo@0.10.0 Security Vulnerabilities and Issues — Podofo@0.10.0 CVE List

Lucene search

Podofo ProjectPodofo0.10.0

6 matches found

CVE•added 2023/04/22 4:15 p.m.•40 views

CVE-2023-2241

A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the ...

7.8CVSS6.4AI score0.00046EPSS

CVE•added 2023/05/10 4:15 p.m.•39 views

CVE-2023-31556

podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.

8.8CVSS6.3AI score0.00094EPSS

CVE•added 2023/05/10 4:15 p.m.•38 views

CVE-2023-31567

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.

8.8CVSS8.8AI score0.00132EPSS

CVE•added 2023/05/10 4:15 p.m.•34 views

CVE-2023-31566

Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().

8.8CVSS8.6AI score0.00107EPSS

CVE•added 2023/05/10 4:15 p.m.•33 views

CVE-2023-31568

Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.

8.8CVSS8.9AI score0.00159EPSS

CVE•added 2023/05/10 4:15 p.m.•29 views

CVE-2023-31555

podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.

6.5CVSS6.3AI score0.0009EPSS