Debian Libpodofo vulnerabilities
50 known vulnerabilities affecting debian/libpodofo.
Total CVEs
50
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM26LOW14
Vulnerabilities
Page 3 of 3
CVE-2017-8054P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017
CVE-2017-8054 [MEDIUM] CVE-2017-8054: libpodofo - The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo...
The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
Scope: local
bookworm: resolved (fixed in 0.9.5-9)
bullseye: resolved (fixed in 0.9.5-9)
forky: resolved (fixed in 0.9.5-9)
sid: resolved (fixed in 0.9.5-9
debian
CVE-2018-11254P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-4 (bookworm)2018
CVE-2018-11254 [MEDIUM] CVE-2018-11254: libpodofo - An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the ...
An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-4)
bullseye: resolved (fixed in
debian
CVE-2018-5783P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-4 (bookworm)2018
CVE-2018-5783 [MEDIUM] CVE-2018-5783: libpodofo - In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVe...
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-4)
bullseye: resolved (fixed in 0.9.6+dfsg-4)
forky: resolved (fixed in 0.9.6+
debian
CVE-2018-5309P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-5309 [MEDIUM] CVE-2018-5309: libpodofo - In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject...
In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-3)
bullseye: resolved (fixed in 0.9.6+dfsg-3)
forky: res
debian
CVE-2018-5296P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-5296 [MEDIUM] CVE-2018-5296: libpodofo - In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::Re...
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-3)
bullseye: resolved (fixed in 0.9.6+dfsg-3)
forky: resolved (fixed in 0.9.6+dfs
debian
CVE-2018-6352P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-6352 [MEDIUM] CVE-2018-6352: libpodofo - In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsIn...
In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-3)
bullseye: resolved (fixed in 0.9.6+dfsg-3)
forky: resolved (fixed in 0.9.6+dfsg-3)
debian
CVE-2017-6840P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017
CVE-2017-6840 [MEDIUM] CVE-2017-6840: libpodofo - The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5...
The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file.
Scope: local
bookworm: resolved (fixed in 0.9.4-6)
bullseye: resolved (fixed in 0.9.4-6)
forky: resolved (fixed in 0.9.4-6)
sid: resolved (fixed in 0.9.4-6)
trixie: resolved (fixed in 0.9.4-6)
debian
CVE-2017-6841P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017
CVE-2017-6841 [MEDIUM] CVE-2017-6841: libpodofo - The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in gra...
The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
Scope: local
bookworm: resolved (fixed in 0.9.5-9)
bullseye: resolved (fixed in 0.9.5-9)
forky: resolved (fixed in 0.9.5-9)
sid: resolved (fixed in 0.9.5-9)
debian
CVE-2017-8053P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2017
CVE-2017-8053 [MEDIUM] CVE-2017-8053: libpodofo - PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption)...
PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).
Scope: local
bookworm: resolved (fixed in 0.9.6+dfsg-3)
bullseye: resolved (fixed in 0.9.6+dfsg-3)
forky: resolved (fixed in 0.9.6+dfsg-3)
sid: resolved (fixed in 0.9.6+dfsg-3)
trixie: resolved (fixed
debian
CVE-2018-11255P4LOWCVSS 5.5fixed in libpodofo 0.9.7+dfsg-2 (bookworm)2018
CVE-2018-11255 [MEDIUM] CVE-2018-11255: libpodofo - An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() i...
An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
Scope: local
bookworm: resolved (fixed in 0.9.7+dfsg-2)
bullseye: resolved (fixed in 0.9.7+dfsg-2)
forky: resolved (fixed in
debian
← Previous3 / 3