Vulnerabilities > Podofo Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-05-10 CVE-2023-31555 Unspecified vulnerability in Podofo Project Podofo 0.10.0
podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad.
network
low complexity
podofo-project
6.5
2023-05-10 CVE-2023-31556 Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0
podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent.
network
low complexity
podofo-project CWE-787
6.5
2021-08-25 CVE-2020-18971 Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.6
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
local
low complexity
podofo-project CWE-787
5.5
2021-08-25 CVE-2020-18972 Exposure of Resource to Wrong Sphere vulnerability in Podofo Project Podofo 0.9.6
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.
local
low complexity
podofo-project CWE-668
5.5
2021-05-26 CVE-2021-30469 Use After Free vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7.
5.5
2021-05-26 CVE-2021-30470 Uncontrolled Recursion vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7.
5.5
2021-05-26 CVE-2021-30471 Uncontrolled Recursion vulnerability in multiple products
A flaw was found in PoDoFo 0.9.7.
5.5
2019-12-30 CVE-2019-20093 NULL Pointer Dereference vulnerability in multiple products
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.
local
low complexity
podofo-project fedoraproject CWE-476
5.5
2019-04-03 CVE-2019-10723 Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6
An issue was discovered in PoDoFo 0.9.6.
local
low complexity
podofo-project CWE-770
5.5
2019-02-27 CVE-2018-20797 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6
An issue was discovered in PoDoFo 0.9.6.
network
low complexity
podofo-project CWE-119
6.5