Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
383
VMScore

CVE-2020-18972

Published: 25/08/2021 Updated: 07/09/2021
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Subscribe to Podofo Project

Vulnerability Summary

Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows malicious users to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

podofo project podofo 0.9.6

Vendor Advisories

Arch Linux Issues:
Exposure of sensitive information to an unauthorized actor in PoDoFo v096 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizercpp' ...

References

CWE-668https://sourceforge.net/p/podofo/tickets/49/https://nvd.nist.govhttps://security.archlinux.org/CVE-2020-18972
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook