VYPR

rpm package

opensuse/podofo&distro=openSUSE Leap 15.3

pkg:rpm/opensuse/podofo&distro=openSUSE%20Leap%2015.3

Vulnerabilities (2)

  • CVE-2019-20093Dec 30, 2019
    affected < 0.9.6-150300.3.3.1fixed 0.9.6-150300.3.3.1

    The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp.

  • CVE-2018-12983HigJun 29, 2018
    affected < 0.9.6-150300.3.6.1fixed 0.9.6-150300.3.6.1

    A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.