| Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|
| CVE-2023-31568 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ... |
| CVE-2023-31567 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Podofo v0.10.0 was discovered to contain a heap buffer overflow via th ... |
| CVE-2023-31566 | vulnerable | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Podofo v0.10.0 was discovered to contain a heap-use-after-free via the ... |
| CVE-2023-31556 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | podofoinfo 0.10.0 was discovered to contain a segmentation violation v ... |
| CVE-2023-31555 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | podofoinfo 0.10.0 was discovered to contain a segmentation violation v ... |
| CVE-2023-2241 | vulnerable | vulnerable | fixed | fixed | fixed | fixed | fixed | A vulnerability, which was classified as critical, was found in PoDoFo ... |
| CVE-2021-30472 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in Pdf ... |
| CVE-2021-30471 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in Pd ... |
| CVE-2021-30470 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among ... |
| CVE-2021-30469 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecO ... |
| CVE-2020-18972 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v ... |
| CVE-2020-18971 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause ... |
| CVE-2019-20093 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ... |
| CVE-2019-10723 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA, ignored) | vulnerable (no DSA, ignored) | fixed | fixed | fixed | An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ... |
| CVE-2019-9687 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ... |
| CVE-2019-9199 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoD ... |
| CVE-2018-20751 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PD ... |
| CVE-2018-19532 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A NULL pointer dereference vulnerability exists in the function PdfTra ... |
| CVE-2018-14320 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | This vulnerability allows remote attackers to disclose sensitive infor ... |
| CVE-2018-12983 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryp ... |
| CVE-2018-12982 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function ... |
| CVE-2018-11256 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::App ... |
| CVE-2018-11255 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPage ... |
| CVE-2018-11254 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursi ... |
| CVE-2018-8002 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | vulnerable | In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfPar ... |
| CVE-2018-8001 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerabil ... |
| CVE-2018-6352 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::Rea ... |
| CVE-2018-5783 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoD ... |
| CVE-2018-5309 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamPa ... |
| CVE-2018-5308 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMem ... |
| CVE-2018-5296 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the Pdf ... |
| CVE-2018-5295 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamPars ... |
| CVE-2017-8787 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ... |
| CVE-2017-8378 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Heap-based buffer overflow in the PdfParser::ReadObjects function in b ... |
| CVE-2017-8054 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 ... |
| CVE-2017-8053 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | PoDoFo 0.9.5 allows denial of service (infinite recursion and stack co ... |
| CVE-2017-7994 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoD ... |
| CVE-2017-7383 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attac ... |
| CVE-2017-7382 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attac ... |
| CVE-2017-7381 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attacker ... |
| CVE-2017-7380 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attacker ... |
| CVE-2017-7379 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncodi ... |
| CVE-2017-7378 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoF ... |
| CVE-2017-6849 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in Po ... |
| CVE-2017-6848 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoF ... |
| CVE-2017-6847 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ... |
| CVE-2017-6846 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace fun ... |
| CVE-2017-6845 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9. ... |
| CVE-2017-6844 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Buffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ... |
| CVE-2017-6843 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Heap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad func ... |
| CVE-2017-6842 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ... |
| CVE-2017-6841 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement funct ... |
| CVE-2017-6840 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ... |
| CVE-2017-5886 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken f ... |
| CVE-2017-5855 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in ... |
| CVE-2017-5854 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | base/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ca ... |
| CVE-2017-5853 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote a ... |
| CVE-2017-5852 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVar ... |
| CVE-2015-8981 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | fixed | Heap-based buffer overflow in the PdfParser::ReadXRefSubsection functi ... |