AVG-1792 log

Package podofo
Status Vulnerable
Severity Medium
Type multiple issues
Affected 0.9.7-1
Fixed Unknown
Current 0.9.7-1 [community]
Ticket Create
Created Fri Apr 9 10:24:26 2021
Issue Severity Remote Type Description
CVE-2021-30472 Medium No Arbitrary code execution
A security issue was found in PoDoFo. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of...
CVE-2021-30471 Low No Denial of service
A security issue was found in PoDoFo. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead...
CVE-2021-30470 Medium No Denial of service
A security issue was found in PoDoFo. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and...
CVE-2021-30469 Medium No Arbitrary code execution
A security issue was found in PoDoFo. A use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.