Vulnerabilities > Podofo Project > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-31566 | Use After Free vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | 8.8 |
| 2023-05-10 | CVE-2023-31567 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | 8.8 |
| 2023-05-10 | CVE-2023-31568 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | 8.8 |
| 2023-04-22 | CVE-2023-2241 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. | 7.8 |
| 2021-05-26 | CVE-2021-30472 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.7 A flaw was found in PoDoFo 0.9.7. | 7.8 |
| 2019-02-26 | CVE-2019-9199 | NULL Pointer Dereference vulnerability in multiple products PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. | 8.8 |
| 2018-06-29 | CVE-2018-12983 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.6 A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file. | 7.8 |
| 2017-05-01 | CVE-2017-8378 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.5 Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size. | 7.5 |
| 2017-03-16 | CVE-2015-8981 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size. | 7.5 |