Описание
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libpodofo | unfixed | package | ||
| libpodofo | no-dsa | trixie | package | |
| libpodofo | no-dsa | bookworm | package | |
| libpodofo | no-dsa | bullseye | package | |
| libpodofo | no-dsa | buster | package |
Примечания
https://github.com/podofo/podofo/issues/70
https://github.com/podofo/podofo/commit/00d2735a9c5bcb438d6f922b5f2445d28389c2d1 (0.10.1)
EPSS
Процентиль: 32%
0.00123
Низкий
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 2 лет назад
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
CVSS3: 8.8
nvd
больше 2 лет назад
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
CVSS3: 8.8
github
больше 2 лет назад
Podofo v0.10.0 was discovered to contain a heap-use-after-free via the component PoDoFo::PdfEncrypt::IsMetadataEncrypted().
EPSS
Процентиль: 32%
0.00123
Низкий