Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
podofo project podofo 0.9.6 vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2019-9687
PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.
Podofo Project Podofo 0.9.6
Fedoraproject Fedora 29
8.8
CVSSv3
CVE-2019-9199
PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an malicious user to cause Denial of Service (Segmentation fault)...
Podofo Project Podofo 0.9.6
Fedoraproject Fedora 29
Fedoraproject Fedora 30
8.8
CVSSv3
CVE-2018-20751
An issue exists in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at t...
Podofo Project Podofo 0.9.6
8.8
CVSSv3
CVE-2018-19532
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an malicious user to cause Denial of Service.
Podofo Project Podofo 0.9.6
7.8
CVSSv3
CVE-2018-12983
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote malicious users to cause a denial-of-service via a crafted pdf file.
Podofo Project Podofo 0.9.6
6.5
CVSSv3
CVE-2018-20797
An issue exists in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.
Podofo Project Podofo 0.9.6
5.5
CVSSv3
CVE-2020-18971
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows malicious users to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
Podofo Project Podofo 0.9.6
5.5
CVSSv3
CVE-2020-18972
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows malicious users to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.
Podofo Project Podofo 0.9.6
5.5
CVSSv3
CVE-2019-20093
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.
Podofo Project Podofo 0.9.6
Fedoraproject Fedora 30
Fedoraproject Fedora 31
5.5
CVSSv3
CVE-2019-10723
An issue exists in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated.
Podofo Project Podofo 0.9.6
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »