0.9.6

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-25	CVE-2020-18971	Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.6 Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. network podofo-project CWE-787	4.3
2021-08-25	CVE-2020-18972	Exposure of Resource to Wrong Sphere vulnerability in Podofo Project Podofo 0.9.6 Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. network podofo-project CWE-668	4.3
2019-12-30	CVE-2019-20093	NULL Pointer Dereference vulnerability in multiple products The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. local low complexity podofo-project fedoraproject CWE-476	5.5
2019-04-03	CVE-2019-10723	Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. network podofo-project CWE-770	4.3
2019-03-11	CVE-2019-9687	Out-of-bounds Write vulnerability in multiple products PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. network low complexity podofo-project fedoraproject CWE-787 critical	9.8
2019-02-27	CVE-2018-20797	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. network podofo-project CWE-119	4.3
2019-02-26	CVE-2019-9199	NULL Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. network low complexity podofo-project fedoraproject CWE-476	8.8
2019-02-04	CVE-2018-20751	NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in crop_page in PoDoFo 0.9.6. network podofo-project CWE-476	6.8
2018-11-26	CVE-2018-19532	NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. network podofo-project CWE-476	6.8
2018-06-29	CVE-2018-12983	Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.6 A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. local low complexity podofo-project CWE-125	7.8