Podofo Project

Podofo

62 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-14320

  • EPSS 0.53%
  • Published 17.09.2018 18:29:00
  • Last modified 21.11.2024 03:48:48

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Th...

7.8

CVE-2018-12983

Exploit
  • EPSS 0.5%
  • Published 29.06.2018 05:29:00
  • Last modified 21.11.2024 03:46:11

A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.

5.5

CVE-2018-12982

Exploit
  • EPSS 0.37%
  • Published 29.06.2018 05:29:00
  • Last modified 21.11.2024 03:46:11

Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.

6.5

CVE-2018-11256

Exploit
  • EPSS 0.57%
  • Published 18.05.2018 19:29:00
  • Last modified 21.11.2024 03:43:00

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

5.5

CVE-2018-11255

Exploit
  • EPSS 0.23%
  • Published 18.05.2018 19:29:00
  • Last modified 21.11.2024 03:42:59

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

5.5

CVE-2018-11254

  • EPSS 0.37%
  • Published 18.05.2018 19:29:00
  • Last modified 21.11.2024 03:42:59

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a re...

8.8

CVE-2018-8002

Exploit
  • EPSS 1.95%
  • Published 09.03.2018 19:29:01
  • Last modified 21.11.2024 04:13:04

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibl...

7.8

CVE-2018-8001

  • EPSS 0.29%
  • Published 09.03.2018 19:29:01
  • Last modified 21.11.2024 04:13:03

In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

8.8

CVE-2018-8000

Exploit
  • EPSS 3.34%
  • Published 09.03.2018 19:29:01
  • Last modified 21.11.2024 04:13:03

In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerability in PoDoFo::PdfTokenizer::GetNextToken() in PdfTokenizer.cpp, a related issue to CVE-2017-5886. Remote attackers could leverage this vulnerability to cause a denial-of-service or...

5.5

CVE-2018-6352

  • EPSS 0.37%
  • Published 27.01.2018 15:29:00
  • Last modified 21.11.2024 04:10:32

In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.