Vulnerabilities > Podofo Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-31555 | Unspecified vulnerability in Podofo Project Podofo 0.10.0 podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. | 6.5 |
| 2023-05-10 | CVE-2023-31556 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.10.0 podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | 6.5 |
| 2021-08-25 | CVE-2020-18971 | Out-of-bounds Write vulnerability in Podofo Project Podofo 0.9.6 Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. | 4.3 |
| 2021-08-25 | CVE-2020-18972 | Exposure of Resource to Wrong Sphere vulnerability in Podofo Project Podofo 0.9.6 Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | 4.3 |
| 2021-05-26 | CVE-2021-30469 | Use After Free vulnerability in multiple products A flaw was found in PoDoFo 0.9.7. | 5.5 |
| 2021-05-26 | CVE-2021-30470 | Uncontrolled Recursion vulnerability in multiple products A flaw was found in PoDoFo 0.9.7. | 5.5 |
| 2021-05-26 | CVE-2021-30471 | Uncontrolled Recursion vulnerability in multiple products A flaw was found in PoDoFo 0.9.7. | 5.5 |
| 2019-12-30 | CVE-2019-20093 | NULL Pointer Dereference vulnerability in multiple products The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | 5.5 |
| 2019-04-03 | CVE-2019-10723 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |
| 2019-02-27 | CVE-2018-20797 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.6 An issue was discovered in PoDoFo 0.9.6. | 4.3 |