Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo - vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-6846
The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file.
Podofo Project Podofo 0.9.4
4.3
CVSSv2
CVE-2017-8054
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-7381
The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
4.3
CVSSv2
CVE-2017-7383
The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Podofo Project Podofo 0.9.5
6.8
CVSSv2
CVE-2021-30472
A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.
Podofo Project Podofo 0.9.7
NA
CVE-2023-31556
podofoinfo 0.10.0 exists to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.
Podofo Project Podofo 0.10.0
NA
CVE-2023-31555
podofoinfo 0.10.0 exists to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.
Podofo Project Podofo 0.10.0
NA
CVE-2023-31566
Podofo v0.10.0 exists to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
Podofo Project Podofo 0.10.0
NA
CVE-2023-31567
Podofo v0.10.0 exists to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.
Podofo Project Podofo 0.10.0
NA
CVE-2023-31568
Podofo v0.10.0 exists to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4.
Podofo Project Podofo 0.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »