Vulnerabilities > Podofo Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-30 | CVE-2019-20093 | Null Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | 4.3 |
| 2019-04-03 | CVE-2019-10723 | Allocation of Resources Without Limits OR Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |
| 2019-03-11 | CVE-2019-9687 | Out-Of-Bounds Write vulnerability in multiple products PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | 7.5 |
| 2019-02-27 | CVE-2018-20797 | Buffer Errors vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |
| 2019-02-26 | CVE-2019-9199 | Null Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. | 6.8 |
| 2019-02-04 | CVE-2018-20751 | Null Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in crop_page in PoDoFo 0.9.6. | 6.8 |
| 2018-11-26 | CVE-2018-19532 | Null Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. | 6.8 |
| 2018-09-17 | CVE-2018-14320 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Podofo Project Podofo This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. | 4.3 |
| 2018-06-29 | CVE-2018-12983 | Out-Of-Bounds Read vulnerability in Podofo Project Podofo 0.9.6 A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. | 6.8 |
| 2018-06-29 | CVE-2018-12982 | Buffer Errors vulnerability in Podofo Project Podofo 0.9.6 Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file. | 4.3 |