Описание
A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.
Ссылки
- ExploitIssue TrackingPatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:podofo_project:podofo:0.9.7:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00168
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416
CWE-416
Связанные уязвимости
CVSS3: 5.5
ubuntu
больше 4 лет назад
A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.
CVSS3: 5.5
debian
больше 4 лет назад
A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecO ...
CVSS3: 5.5
github
больше 3 лет назад
A flaw was found in PoDoFo 0.9.7. An use-after-free in PoDoFo::PdfVecObjects::Clear() function can cause a denial of service via a crafted PDF file.
EPSS
Процентиль: 38%
0.00168
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-416
CWE-416