Vulnerabilities > Podofo Project > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-27 | CVE-2018-6352 | Resource Exhaustion vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. | 4.3 |
| 2018-01-19 | CVE-2018-5783 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). | 4.3 |
| 2018-01-09 | CVE-2018-5309 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). | 4.3 |
| 2018-01-09 | CVE-2018-5308 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). | 6.8 |
| 2018-01-08 | CVE-2018-5296 | Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). | 4.3 |
| 2018-01-08 | CVE-2018-5295 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5 In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). | 4.3 |
| 2017-05-05 | CVE-2017-8787 | Out-of-bounds Read vulnerability in Podofo Project Podofo 0.9.5 The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. | 6.8 |
| 2017-04-22 | CVE-2017-8054 | Infinite Loop vulnerability in Podofo Project Podofo 0.9.5 The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. | 4.3 |
| 2017-04-22 | CVE-2017-8053 | Infinite Loop vulnerability in Podofo Project Podofo 0.9.5 PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp). | 4.3 |
| 2017-04-21 | CVE-2017-7994 | NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5 The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | 4.3 |