Vulnerabilities > Podofo Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-26 | CVE-2021-30471 | Uncontrolled Recursion vulnerability in multiple products A flaw was found in PoDoFo 0.9.7. | 5.5 |
| 2021-05-26 | CVE-2021-30472 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.7 A flaw was found in PoDoFo 0.9.7. | 7.8 |
| 2019-12-30 | CVE-2019-20093 | NULL Pointer Dereference vulnerability in multiple products The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | 5.5 |
| 2019-04-03 | CVE-2019-10723 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |
| 2019-03-11 | CVE-2019-9687 | Out-of-bounds Write vulnerability in multiple products PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | 9.8 |
| 2019-02-27 | CVE-2018-20797 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |
| 2019-02-26 | CVE-2019-9199 | NULL Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. | 8.8 |
| 2019-02-04 | CVE-2018-20751 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in crop_page in PoDoFo 0.9.6. | 6.8 |
| 2018-11-26 | CVE-2018-19532 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. | 6.8 |
| 2018-09-17 | CVE-2018-14320 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. | 4.3 |