Vulnerabilities > Podofo Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-09 | CVE-2018-5309 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). | 5.5 |
| 2018-01-09 | CVE-2018-5308 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). | 7.8 |
| 2018-01-08 | CVE-2018-5296 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). | 5.5 |
| 2018-01-08 | CVE-2018-5295 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). | 5.5 |
| 2017-05-05 | CVE-2017-8787 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. | 8.8 |
| 2017-05-01 | CVE-2017-8378 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.5 Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. | 9.8 |
| 2017-04-22 | CVE-2017-8054 | Infinite Loop vulnerability in Podofo Project Podofo 0.9.5 The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. | 5.5 |
| 2017-04-22 | CVE-2017-8053 | Infinite Loop vulnerability in Podofo Project Podofo 0.9.5 PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp). | 5.5 |
| 2017-04-21 | CVE-2017-7994 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 6.5 |
| 2017-04-03 | CVE-2017-7383 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 5.5 |