VYPR

Podofo

by Podofo Project

Source repositories

CVEs (64)

  • CVE-2018-20797Feb 27, 2019
    risk 0.00cvss epss 0.01

    An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp.

  • CVE-2019-9199Feb 26, 2019
    risk 0.00cvss epss 0.03

    PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or…

  • CVE-2018-20751Feb 4, 2019
    risk 0.00cvss epss 0.02

    An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this…

  • CVE-2018-19532Nov 26, 2018
    risk 0.00cvss epss 0.02

    A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service.

Page 4 of 4