Aggregates CVE and security vulnerability intelligence across all Podofo-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk memory corruption and vendor risk buffer overflow, with potential vendor impact memory corruption and vendor impact application crash across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-46205 | A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue. | [email protected] | 8.1 | 0.06% | 2025-10-01 | 2025-10-27 |
| CVE-2025-9394 | A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. It is possible to launch the attack on the local host. The exploit has been published and may be used. This patch is called 22d16cb142f293bf956f66a4d399cdd65576d36c. A patch should be applied to remediate this issue. | [email protected] | 1.9 | 0.05% | 2025-08-24 | 2026-04-29 |
| CVE-2023-31568 | Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptRC4::PdfEncryptRC4. | [email protected] | 8.8 | 0.33% | 2023-05-10 | 2025-01-27 |
| CVE-2023-31567 | Podofo v0.10.0 was discovered to contain a heap buffer overflow via the component PoDoFo::PdfEncryptAESV3::PdfEncryptAESV3. | [email protected] | 8.8 | 0.17% | 2023-05-10 | 2025-01-27 |
| CVE-2023-31566 | Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted(). | [email protected] | 8.8 | 0.16% | 2023-05-10 | 2025-01-27 |
| CVE-2023-31556 | podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfDictionary::findKeyParent. | [email protected] | 6.5 | 0.32% | 2023-05-10 | 2025-01-27 |
| CVE-2023-31555 | podofoinfo 0.10.0 was discovered to contain a segmentation violation via the function PoDoFo::PdfObject::DelayedLoad. | [email protected] | 6.5 | 0.23% | 2023-05-10 | 2025-01-27 |
| CVE-2023-2241 | A vulnerability, which was classified as critical, was found in PoDoFo 0.10.0. Affected is the function readXRefStreamEntry of the file PdfXRefStreamParserObject.cpp. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 535a786f124b739e3c857529cecc29e4eeb79778. It is recommended to apply a patch to fix this issue. VDB-227226 is the identifier assigned to this vulnerab | [email protected] | 5.3 | 0.15% | 2023-04-22 | 2025-02-04 |
| CVE-2020-18972 | Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'. | [email protected] | 5.5 | 0.17% | 2021-08-25 | 2024-11-21 |
| CVE-2020-18971 | Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'. | [email protected] | 5.5 | 0.10% | 2021-08-25 | 2024-11-21 |
| CVE-2021-30472 | A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value. | [email protected] | 7.8 | 0.19% | 2021-05-26 | 2024-11-21 |
| CVE-2021-30471 | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call in PdfNamesTree::AddToDictionary function in src/podofo/doc/PdfNamesTree.cpp can lead to a stack overflow. | [email protected] | 5.5 | 0.11% | 2021-05-26 | 2024-11-21 |
| CVE-2021-30470 | A flaw was found in PoDoFo 0.9.7. An uncontrolled recursive call among PdfTokenizer::ReadArray(), PdfTokenizer::GetNextVariant() and PdfTokenizer::ReadDataType() functions can lead to a stack overflow. | [email protected] | 5.5 | 0.11% | 2021-05-26 | 2024-11-21 |
| CVE-2021-30469 | A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file. | [email protected] | 5.5 | 0.17% | 2021-05-26 | 2024-11-21 |
| CVE-2019-20093 | The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file, because of ImageExtractor.cpp. | [email protected] | 5.5 | 0.45% | 2019-12-30 | 2024-11-21 |
| CVE-2019-10723 | An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. | [email protected] | 5.5 | 0.07% | 2019-04-03 | 2024-11-21 |
| CVE-2019-9687 | PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF16toUTF8 in base/PdfString.cpp. | [email protected] | 9.8 | 0.49% | 2019-03-11 | 2024-11-21 |
| CVE-2018-20797 | An issue was discovered in PoDoFo 0.9.6. There is an attempted excessive memory allocation in PoDoFo::podofo_calloc in base/PdfMemoryManagement.cpp when called from PoDoFo::PdfPredictorDecoder::PdfPredictorDecoder in base/PdfFiltersPrivate.cpp. | [email protected] | 6.5 | 0.15% | 2019-02-27 | 2024-11-21 |
| CVE-2019-9199 | PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoDoFo 0.9.6 has a NULL pointer dereference that can (for example) be triggered by sending a crafted PDF file to the podofoimpose binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact. | [email protected] | 8.8 | 0.45% | 2019-02-26 | 2024-11-21 |
| CVE-2018-20751 | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. | [email protected] | 8.8 | 0.44% | 2019-02-04 | 2024-11-21 |