CVE-2021-30472

Опубликовано: 26 мая 2021

Источник: debian

Описание

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.

Пакеты

Пакет	Статус	Релиз	Тип
libpodofo	unfixed		package
libpodofo	postponed	trixie	package
libpodofo	postponed	bookworm	package
libpodofo	no-dsa	bullseye	package
libpodofo	no-dsa	buster	package
libpodofo	postponed	stretch	package

Примечания

https://sourceforge.net/p/podofo/tickets/132/

Связанные уязвимости

CVE-2021-30472

CVSS3: 7.8

ubuntu

больше 4 лет назад

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.

CVE-2021-30472

CVSS3: 7.8

nvd

больше 4 лет назад

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.

GHSA-4wq4-55w3-3f9f

CVSS3: 7.8

github

больше 3 лет назад

A flaw was found in PoDoFo 0.9.7. A stack-based buffer overflow in PdfEncryptMD5Base::ComputeOwnerKey function in PdfEncrypt.cpp is possible because of a improper check of the keyLength value.