AVG-1427 log

Package podofo
Status Vulnerable
Severity Low
Type denial of service
Affected 0.9.7-1
Fixed Unknown
Current 0.9.7-1 [community-testing]
0.9.6-3 [community]
Ticket Create
Created Sun Jan 10 10:26:08 2021
Issue Severity Remote Type Description
CVE-2019-20093 Low No Denial of service
The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference)...
CVE-2019-10723 Low No Denial of service
An issue was discovered in PoDoFo. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because...
CVE-2018-20797 Low No Denial of service
An issue was discovered in PoDoFo. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called...
CVE-2018-12983 Low No Denial of service
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo could be leveraged by remote attackers...
CVE-2018-8002 Low No Denial of service
In PoDoFo, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow....