Vulnerabilities > Podofo Project > Podofo > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-31566 | Use After Free vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | 8.8 |
| 2023-05-10 | CVE-2023-31567 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | 8.8 |
| 2023-05-10 | CVE-2023-31568 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | 8.8 |
| 2023-04-22 | CVE-2023-2241 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. | 7.8 |
| 2021-05-26 | CVE-2021-30472 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.7 A flaw was found in PoDoFo 0.9.7. | 7.8 |
| 2019-02-26 | CVE-2019-9199 | NULL Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. | 8.8 |
| 2019-02-04 | CVE-2018-20751 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in crop_page in PoDoFo 0.9.6. | 8.8 |
| 2018-11-26 | CVE-2018-19532 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6 A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. | 8.8 |
| 2018-06-29 | CVE-2018-12983 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.6 A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. | 7.8 |
| 2018-03-09 | CVE-2018-8002 | Infinite Loop vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. | 8.8 |