Podofo Security Vulnerabilities and Issues — Podofo CVE List

Lucene search

Podofo ProjectPodofo

3 matches found

CVE•added 2019/02/04 7:29 p.m.•80 views

CVE-2018-20751

An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, whi...

8.8CVSS6.4AI score0.00437EPSS

CVE•added 2019/02/27 5:29 p.m.•75 views

CVE-2018-20797

An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.

6.5CVSS6.3AI score0.00138EPSS

CVE•added 2019/02/26 11:29 p.m.•75 views

CVE-2019-9199

PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspeci...

8.8CVSS7.1AI score0.0053EPSS