cbcvebase.

Debian Libpodofo vulnerabilities

50 known vulnerabilities affecting debian/libpodofo.

Total CVEs
50
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH7MEDIUM26LOW14

Vulnerabilities

Page 3 of 3
CVE-2017-8054P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017
CVE-2017-8054 [MEDIUM] CVE-2017-8054: libpodofo - The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo... The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9
debian
CVE-2018-11254P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-4 (bookworm)2018
CVE-2018-11254 [MEDIUM] CVE-2018-11254: libpodofo - An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the ... An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-4) bullseye: resolved (fixed in
debian
CVE-2018-5783P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-4 (bookworm)2018
CVE-2018-5783 [MEDIUM] CVE-2018-5783: libpodofo - In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVe... In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-4) bullseye: resolved (fixed in 0.9.6+dfsg-4) forky: resolved (fixed in 0.9.6+
debian
CVE-2018-5309P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-5309 [MEDIUM] CVE-2018-5309: libpodofo - In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject... In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-3) bullseye: resolved (fixed in 0.9.6+dfsg-3) forky: res
debian
CVE-2018-5296P4LOWCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-5296 [MEDIUM] CVE-2018-5296: libpodofo - In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::Re... In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-3) bullseye: resolved (fixed in 0.9.6+dfsg-3) forky: resolved (fixed in 0.9.6+dfs
debian
CVE-2018-6352P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2018
CVE-2018-6352 [MEDIUM] CVE-2018-6352: libpodofo - In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsIn... In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file. Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-3) bullseye: resolved (fixed in 0.9.6+dfsg-3) forky: resolved (fixed in 0.9.6+dfsg-3)
debian
CVE-2017-6840P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.4-6 (bookworm)2017
CVE-2017-6840 [MEDIUM] CVE-2017-6840: libpodofo - The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5... The ColorChanger::GetColorFromStack function in colorchanger.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (invalid read) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.4-6) bullseye: resolved (fixed in 0.9.4-6) forky: resolved (fixed in 0.9.4-6) sid: resolved (fixed in 0.9.4-6) trixie: resolved (fixed in 0.9.4-6)
debian
CVE-2017-6841P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.5-9 (bookworm)2017
CVE-2017-6841 [MEDIUM] CVE-2017-6841: libpodofo - The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in gra... The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement function in graphicsstack.h in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file. Scope: local bookworm: resolved (fixed in 0.9.5-9) bullseye: resolved (fixed in 0.9.5-9) forky: resolved (fixed in 0.9.5-9) sid: resolved (fixed in 0.9.5-9)
debian
CVE-2017-8053P4MEDIUMCVSS 5.5fixed in libpodofo 0.9.6+dfsg-3 (bookworm)2017
CVE-2017-8053 [MEDIUM] CVE-2017-8053: libpodofo - PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption)... PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp). Scope: local bookworm: resolved (fixed in 0.9.6+dfsg-3) bullseye: resolved (fixed in 0.9.6+dfsg-3) forky: resolved (fixed in 0.9.6+dfsg-3) sid: resolved (fixed in 0.9.6+dfsg-3) trixie: resolved (fixed
debian
CVE-2018-11255P4LOWCVSS 5.5fixed in libpodofo 0.9.7+dfsg-2 (bookworm)2018
CVE-2018-11255 [MEDIUM] CVE-2018-11255: libpodofo - An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() i... An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. Scope: local bookworm: resolved (fixed in 0.9.7+dfsg-2) bullseye: resolved (fixed in 0.9.7+dfsg-2) forky: resolved (fixed in
debian
Debian Libpodofo vulnerabilities | cvebase