Podofo

2 CVEs product


CVE-2025-46205 HIGH POC PATCH This Week

A heap-use-after-free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue.

Tags: Memory Corruption, Denial Of Service, Use After Free, Ubuntu, Debian, +1
Sources: NVD, GitHub
CVSS 3.1: 8.1
EPSS: 0.1%

CVE-2025-9394 MEDIUM POC PATCH Monitor

A flaw has been found in PoDoFo 1.1.0-dev.cpp of the component PDF Dictionary Parser. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Tags: Denial Of Service, Buffer Overflow, Podofo, Suse
Sources: NVD, GitHub, VulDB
CVSS 4.0: 4.8
EPSS: 0.0%