Vulnerabilities > Podofo Project > Podofo > 0.9.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-25 | CVE-2020-18971 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.6 Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. | 5.5 |
| 2021-08-25 | CVE-2020-18972 | Exposure of Resource to Wrong Sphere vulnerability in Podofo Project Podofo 0.9.6 Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | 5.5 |
| 2019-12-30 | CVE-2019-20093 | NULL Pointer Dereference vulnerability in multiple products The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | 5.5 |
| 2019-04-03 | CVE-2019-10723 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 5.5 |
| 2019-03-11 | CVE-2019-9687 | Out-of-bounds Write vulnerability in multiple products PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | 9.8 |
| 2019-02-27 | CVE-2018-20797 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 6.5 |
| 2019-02-26 | CVE-2019-9199 | NULL Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. | 8.8 |
| 2019-02-04 | CVE-2018-20751 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in crop_page in PoDoFo 0.9.6. | 8.8 |
| 2018-11-26 | CVE-2018-19532 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. | 8.8 |
| 2018-06-29 | CVE-2018-12983 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.6 A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. | 7.8 |