Debian Libpodofo vulnerabilities

CVE-2025-9394 [MEDIUM] CVE-2025-9394: libpodofo - A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTo... A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called

CVE-2025-46205 [HIGH] CVE-2025-46205: libpodofo - A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.... A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-31566 [HIGH] CVE-2023-31566: libpodofo - Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component... Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-31567 [HIGH] CVE-2023-31567: libpodofo - Podofo v0.10.0 was discovered to contain a heap buffer overflow via the componen... Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2023-31555 [MEDIUM] CVE-2023-31555: libpodofo - podofoinfo 0.10.0 was discovered to contain a segmentation violation via the fun... podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2023-2241 [MEDIUM] CVE-2023-2241: libpodofo - A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. A... A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e

CVE-2023-31568 [HIGH] CVE-2023-31568: libpodofo - Podofo v0.10.0 was discovered to contain a heap buffer overflow via the componen... Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2023-31556 [MEDIUM] CVE-2023-31556: libpodofo - podofoinfo 0.10.0 was discovered to contain a segmentation violation via the fun... podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2021-30472 [HIGH] CVE-2021-30472: libpodofo - A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5... A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2021-30471 [MEDIUM] CVE-2021-30471: libpodofo - A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree... A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-1) bullseye: open forky: resolved (fixed in 0.9.8+dfsg-1) sid: resolved (fixed in 0.9.8+dfsg-1) trixie: resolved (fixed in 0.9.8+dfsg-1)

CVE-2021-30470 [MEDIUM] CVE-2021-30470: libpodofo - A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokeni... A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-1) bullseye: open forky: resolved (fixed in 0.9.8+dfsg-1) sid: resolved (fixed in 0.9.8+dfsg-1) trixie: resol

CVE-2021-30469 [MEDIUM] CVE-2021-30469: libpodofo - A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Cl... A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2020-18971 [MEDIUM] CVE-2020-18971: libpodofo - Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial ... Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-1) bullseye: open forky: resolved (fixed in 0.9.8+dfsg-1) sid: resolved (fixed in 0.9.8+dfsg-1) trixie: resolved (fixed in 0.9.8+dfsg-1)

CVE-2020-18972 [MEDIUM] CVE-2020-18972: libpodofo - Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allo... Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. Scope: local bookworm: open bullseye: open forky: open sid: open trixie: open

CVE-2019-9687 [CRITICAL] CVE-2019-9687: libpodofo - PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 i... PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-5) bullseye: resolved (fixed in 0.9.6+dfsg-5) forky: resolved (fixed in 0.9.6+dfsg-5) sid: resolved (fixed in 0.9.6+dfsg-5) trixie: resolved (fixed in 0.9.6+dfsg-5)

CVE-2019-20093 [MEDIUM] CVE-2019-20093: libpodofo - The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 all... The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-2) bullseye: open forky: resolved (fixed in 0.9.8+dfsg-2) sid: resolved (fixed in 0.9.8+dfsg-2) trixie:

CVE-2019-10723 [MEDIUM] CVE-2019-10723: libpodofo - An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfP... An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-2) bullseye: open forky: resolved (fixed in 0.9.8+dfsg-2) sid: resolved (fixed in 0.9.8+dfsg-2) trixie: resolved (fixed in 0.9.8+

CVE-2019-9199 [HIGH] CVE-2019-9199: libpodofo - PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 ... PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. Scope: local bookworm: resolved (fixed in 0.9.6+df

CVE-2018-20751 [HIGH] CVE-2018-20751: libpodofo - An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document... An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. Scope: local bookworm: resolved (fi

CVE-2018-8002 [HIGH] CVE-2018-8002: libpodofo - In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject:... In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. Scope: local bookworm: resolved (fixed in 0.9.8+dfsg-1) bullseye: o