Information on source package libpodofo

Available versions

ReleaseVersion
jessie0.9.0-1.2
stretch0.9.4-6
buster0.9.6+dfsg-5
bullseye0.9.6+dfsg-5
sid0.9.6+dfsg-5

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-9687vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedPoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ...
CVE-2019-9199vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedPoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoD ...
CVE-2019-10723vulnerable (no DSA, ignored)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...
CVE-2018-8002vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableIn PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfPar ...
CVE-2018-8001vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerabil ...
CVE-2018-6352vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::Rea ...
CVE-2018-5783vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoD ...
CVE-2018-5309vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamPa ...
CVE-2018-5308vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedPoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMem ...
CVE-2018-5296vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there is an uncontrolled memory allocation in the Pdf ...
CVE-2018-5295vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedIn PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamPars ...
CVE-2018-20797vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in PoDoFo 0.9.6. There is an attempted excessi ...
CVE-2018-20751vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PD ...
CVE-2018-19532vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedA NULL pointer dereference vulnerability exists in the function PdfTra ...
CVE-2018-14320vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThis vulnerability allows remote attackers to disclose sensitive infor ...
CVE-2018-12983vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableA stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryp ...
CVE-2018-12982vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInvalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function ...
CVE-2018-11256vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in PoDoFo 0.9.5. The function PdfDocument::App ...
CVE-2018-11255vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPage ...
CVE-2018-11254vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedAn issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursi ...
CVE-2017-8787vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in ...
CVE-2017-8378vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedHeap-based buffer overflow in the PdfParser::ReadObjects function in b ...
CVE-2017-8054vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 ...
CVE-2017-8053vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedPoDoFo 0.9.5 allows denial of service (infinite recursion and stack co ...
CVE-2017-7994vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe function TextExtractor::ExtractText in TextExtractor.cpp:77 in PoD ...
CVE-2017-7383vulnerable (no DSA)fixedfixedfixedfixedThe PdfFontFactory.cpp:195:62 code in PoDoFo 0.9.5 allows remote attac ...
CVE-2017-7382vulnerable (no DSA)fixedfixedfixedfixedThe PdfFontFactory.cpp:200:88 code in PoDoFo 0.9.5 allows remote attac ...
CVE-2017-7381vulnerable (no DSA)fixedfixedfixedfixedThe doc/PdfPage.cpp:609:23 code in PoDoFo 0.9.5 allows remote attacker ...
CVE-2017-7380vulnerable (no DSA)fixedfixedfixedfixedThe doc/PdfPage.cpp:614:20 code in PoDoFo 0.9.5 allows remote attacker ...
CVE-2017-7379vulnerable (no DSA)fixedfixedfixedfixedThe PoDoFo::PdfSimpleEncoding::ConvertToEncoding function in PdfEncodi ...
CVE-2017-7378vulnerable (no DSA)fixedfixedfixedfixedThe PoDoFo::PdfPainter::ExpandTabs function in PdfPainter.cpp in PoDoF ...
CVE-2017-6849vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfColorGray::~PdfColorGray function in PdfColor.cpp in Po ...
CVE-2017-6848vulnerable (no DSA)fixedfixedfixedfixedThe PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoF ...
CVE-2017-6847vulnerable (no DSA)fixedfixedfixedfixedThe PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...
CVE-2017-6846vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe GraphicsStack::TGraphicsStackElement::SetNonStrokingColorSpace fun ...
CVE-2017-6845vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfColor::operator function in PdfColor.cpp in PoDoFo 0.9. ...
CVE-2017-6844vulnerable (no DSA)fixedfixedfixedfixedBuffer overflow in the PoDoFo::PdfParser::ReadXRefSubsection function ...
CVE-2017-6843vulnerable (no DSA)fixedfixedfixedfixedHeap-based buffer overflow in the PoDoFo::PdfVariant::DelayedLoad func ...
CVE-2017-6842vulnerable (no DSA)fixedfixedfixedfixedThe ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ...
CVE-2017-6841vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe GraphicsStack::TGraphicsStackElement::~TGraphicsStackElement funct ...
CVE-2017-6840vulnerable (no DSA)fixedfixedfixedfixedThe ColorChanger::GetColorFromStack function in colorchanger.cpp in Po ...
CVE-2017-5886vulnerable (no DSA)fixedfixedfixedfixedHeap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken f ...
CVE-2017-5855vulnerable (no DSA)fixedfixedfixedfixedThe PoDoFo::PdfParser::ReadXRefSubsection function in PdfParser.cpp in ...
CVE-2017-5854vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedbase/PdfOutputStream.cpp in PoDoFo 0.9.4 allows remote attackers to ca ...
CVE-2017-5853vulnerable (no DSA)fixedfixedfixedfixedInteger overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote a ...
CVE-2017-5852vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe PoDoFo::PdfPage::GetInheritedKeyFromObject function in base/PdfVar ...
CVE-2015-8981vulnerable (no DSA)fixedfixedfixedfixedHeap-based buffer overflow in the PdfParser::ReadXRefSubsection functi ...

Security announcements

DSA / DLADescription
DLA-968-1libpodofo - security update
DLA-929-1libpodofo - security update

Search for package or bug name: Reporting problems