Debian Libpodofo vulnerabilities

62 known vulnerabilities affecting debian/libpodofo.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL3HIGH10MEDIUM27LOW22

Vulnerabilities

Page 3 of 4

CVE-2017-8787HIGHCVSS 8.8fixed in libpodofo 0.9.5-7 (bookworm)2017

CVE-2017-8787 [HIGH] CVE-2017-8787: libpodofo - The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfX... The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file. Scope: local bookworm: resolved (fixed in 0.9.5-7) bullseye: resolved (fixed in 0.9.5-7) fork

debian

CVE-2017-6842MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-6842 [MEDIUM] CVE-2017-6842: libpodofo - The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5... The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0

debian

CVE-2017-6848MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-6848 [MEDIUM] CVE-2017-6848: libpodofo - The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 al... The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.

debian

CVE-2017-5854MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-5854 [MEDIUM] CVE-2017-5854: libpodofo - base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a deni... base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9) trixie: resolved (fixed in 0.9.5-9)

debian

CVE-2017-8054MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-8054 [MEDIUM] CVE-2017-8054: libpodofo - The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo... The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9

debian

CVE-2017-7381MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-7381 [MEDIUM] CVE-2017-7381: libpodofo - The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause... The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.

debian

CVE-2017-7380MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-7380 [MEDIUM] CVE-2017-7380: libpodofo - The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause... The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.

debian

CVE-2017-6849MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-6849 [MEDIUM] CVE-2017-6849: libpodofo - The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4... The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9) trixie: resolved (fixed in 0

debian

CVE-2017-7382MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-7382 [MEDIUM] CVE-2017-7382: libpodofo - The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to ca... The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0

debian

CVE-2017-7378MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-7378 [MEDIUM] CVE-2017-7378: libpodofo - The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 al... The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6

debian

CVE-2017-7379MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-5 (bookworm)2017

CVE-2017-7379 [MEDIUM] CVE-2017-7379: libpodofo - The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in ... The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncoding.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-5) bullseye: resolved (fixed in 0.9.4-5) forky: resolved (fixed in 0.9.4-5) sid: resolved (f

debian

CVE-2017-6840MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-6840 [MEDIUM] CVE-2017-6840: libpodofo - The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5... The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.4-6)

debian

CVE-2017-5855MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-5855 [MEDIUM] CVE-2017-5855: libpodofo - The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.... The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed i

debian

CVE-2017-6841MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-6841 [MEDIUM] CVE-2017-6841: libpodofo - The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in gra... The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9)

debian

CVE-2017-6845MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-6845 [MEDIUM] CVE-2017-6845: libpodofo - The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows r... The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9) trixie: resolved (fixed in 0.9.5-9)

debian

CVE-2017-7994MEDIUMCVSS 6.5fixed in libpodofo 0.9.5-7 (bookworm)2017

CVE-2017-7994 [MEDIUM] CVE-2017-7994: libpodofo - The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 ... The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.5-7) bullseye: resolved (fixed in 0.9.5-7) forky: resolved (fixed in 0.9.5-7) sid: resolved (fixed in 0.9.5-7)

debian

CVE-2017-6846MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017

CVE-2017-6846 [MEDIUM] CVE-2017-6846: libpodofo - The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in g... The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace function in graphicsstack.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9

debian

CVE-2017-8053MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2017

CVE-2017-8053 [MEDIUM] CVE-2017-8053: libpodofo - PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption)... PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp). Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-3) bullseye: resolved (fixed in 0.9.6+dfsg-3) forky: resolved (fixed in 0.9.6+dfsg-3) sid: resolved (fixed in 0.9.6+dfsg-3) trixie: resolved (fixed

debian

CVE-2017-7383MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-7383 [MEDIUM] CVE-2017-7383: libpodofo - The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to ca... The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0

debian

CVE-2017-6847MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017

CVE-2017-6847 [MEDIUM] CVE-2017-6847: libpodofo - The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 all... The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.4

debian

← Previous3 / 4Next →