pkg:Debian/libpodofo
共 59 筆 CVECRITICAL4HIGH16MEDIUM39
✅ 檢查你的版本
所有已知漏洞
- CRITICAL9.8CVE-2019-9687PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp.from 0, < 0.9.6+dfsg-5
- CRITICAL9.8CVE-2017-8378Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a…from 0, < 0.9.5-9
- from 0, < 0.9.4-1
- from 0, < 0.9.0-1.1+deb7u1
- HIGH8.8CVE-2023-31567Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3.from 0
- HIGH8.8CVE-2023-31566Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().from 0
- HIGH8.8CVE-2019-9199PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be tr…from 0, < 0.9.6+dfsg-5
- from 0, < 0.9.6+dfsg-4
- HIGH8.8CVE-2018-19532A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while crea…from 0, < 0.9.6+dfsg-4
- HIGH8.8CVE-2018-8002In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may resul…from 0
- HIGH8.8CVE-2017-8787The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote…from 0, < 0.9.5-7
- HIGH8.1CVE-2025-46205A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Servi…from 0
- from 0
- HIGH7.8CVE-2018-12983A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be lev…from 0
- HIGH7.8CVE-2018-8001In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp.from 0, < 0.9.6+dfsg-3
- HIGH7.8CVE-2018-5308PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp).from 0, < 0.9.5-9
- HIGH7.8CVE-2017-6844Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unsp…from 0, < 0.9.4-5
- HIGH7.8CVE-2017-6843Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to have…from 0, < 0.9.4-6
- HIGH7.8CVE-2017-5886Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers t…from 0, < 0.9.4-5
- HIGH7.8CVE-2017-5853Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file.from 0, < 0.9.4-5
- from 0
- MEDIUM6.5CVE-2018-14320This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo.from 0, < 0.9.6+dfsg-4
- from 0, < 0.9.6+dfsg-4
- MEDIUM6.5CVE-2017-7994The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL…from 0, < 0.9.5-7
- MEDIUM5.5CVE-2020-18972Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextTok…from 0
- MEDIUM5.5CVE-2020-18971Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65…from 0
- from 0
- from 0
- from 0
- MEDIUM5.5CVE-2019-20093The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL poi…from 0
- from 0
- MEDIUM5.5CVE-2018-12982Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have d…from 0, < 0.9.6+dfsg-4
- from 0, < 0.9.7+dfsg-2
- from 0, < 0.9.6+dfsg-4
- MEDIUM5.5CVE-2018-6352In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp.from 0, < 0.9.6+dfsg-3
- MEDIUM5.5CVE-2018-5783In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h).from 0, < 0.9.6+dfsg-4
- MEDIUM5.5CVE-2018-5309In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParse…from 0, < 0.9.6+dfsg-3
- MEDIUM5.5CVE-2018-5296In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp).from 0, < 0.9.6+dfsg-3
- MEDIUM5.5CVE-2018-5295In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp).from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-8054The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service…from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-8053PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentS…from 0, < 0.9.6+dfsg-3
- MEDIUM5.5CVE-2017-7383The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and appli…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-7382The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and appli…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-7381The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applicat…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-7380The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and applicat…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-7379The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of s…from 0, < 0.9.4-5
- MEDIUM5.5CVE-2017-7378The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-ba…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-6849The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL…from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-6848The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL po…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-6847The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL poi…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-6846The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to c…from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-6845The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer…from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-6842The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-6841The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cau…from 0, < 0.9.5-9
- from 0, < 0.9.4-6
- from 0, < 0.9.0-1.1+deb7u2
- MEDIUM5.5CVE-2017-5855The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (N…from 0, < 0.9.4-6
- MEDIUM5.5CVE-2017-5854base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a cr…from 0, < 0.9.5-9
- MEDIUM5.5CVE-2017-5852The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVariant.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of…from 0, < 0.9.5-7