vulnerability

Ubuntu: USN-7217-1 (CVE-2018-8002): PoDoFo library vulnerabilities

Try Surface Command
Back to search
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Mar 9, 2018
Added
Jan 23, 2025
Modified
Mar 27, 2026

Description

In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.

Solutions

ubuntu-pro-upgrade-libpodofo-utilsubuntu-pro-upgrade-libpodofo0-9-0ubuntu-pro-upgrade-libpodofo0-9-3ubuntu-pro-upgrade-libpodofo0-9-5ubuntu-pro-upgrade-libpodofo0-9-6ubuntu-pro-upgrade-libpodofo0-9-7

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report