Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
Typeapk
Namespacealpine
Namepodofo
Version0.9.6-r0
Qualifiers
arch aarch64
distroversion edge
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version0.9.7-r0
Latest_non_vulnerable_version0.9.7-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-316u-w5wu-9feb
vulnerability_id VCID-316u-w5wu-9feb
summary In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5296
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.3869
published_at 2026-06-04T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38781
published_at 2026-06-05T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38784
published_at 2026-06-06T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38757
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5296
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5296
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-5296
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-316u-w5wu-9feb
1
url VCID-3gwq-ra2s-x3bg
vulnerability_id VCID-3gwq-ra2s-x3bg
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8000
reference_id
reference_type
scores
0
value 0.01994
scoring_system epss
scoring_elements 0.83953
published_at 2026-06-04T12:55:00Z
1
value 0.01994
scoring_system epss
scoring_elements 0.83976
published_at 2026-06-05T12:55:00Z
2
value 0.01994
scoring_system epss
scoring_elements 0.83978
published_at 2026-06-06T12:55:00Z
3
value 0.01994
scoring_system epss
scoring_elements 0.83974
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8000
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-8000
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gwq-ra2s-x3bg
2
url VCID-518j-a2se-s7en
vulnerability_id VCID-518j-a2se-s7en
summary The function PdfPagesTree::GetPageNodeFromArray in PdfPageTree.cpp:464 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted PDF document.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8054
reference_id
reference_type
scores
0
value 0.00402
scoring_system epss
scoring_elements 0.61208
published_at 2026-06-06T12:55:00Z
1
value 0.00402
scoring_system epss
scoring_elements 0.61152
published_at 2026-06-04T12:55:00Z
2
value 0.00402
scoring_system epss
scoring_elements 0.61195
published_at 2026-06-07T12:55:00Z
3
value 0.00402
scoring_system epss
scoring_elements 0.61201
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8054
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8054
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860995
reference_id 860995
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860995
4
reference_url https://security.archlinux.org/ASA-202101-36
reference_id ASA-202101-36
reference_type
scores
url https://security.archlinux.org/ASA-202101-36
5
reference_url https://security.archlinux.org/AVG-867
reference_id AVG-867
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-867
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-8054
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-518j-a2se-s7en
3
url VCID-63z7-jtyr-jug8
vulnerability_id VCID-63z7-jtyr-jug8
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7381
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43389
published_at 2026-06-04T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43461
published_at 2026-06-05T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-06-06T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43448
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7381
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7381
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7381
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
reference_id 859329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7381
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-63z7-jtyr-jug8
4
url VCID-6t38-8fgf-1bct
vulnerability_id VCID-6t38-8fgf-1bct
summary Heap-based buffer overflow in the PdfParser::ReadObjects function in base/PdfParser.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via vectors related to m_offsets.size.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8378
reference_id
reference_type
scores
0
value 0.00781
scoring_system epss
scoring_elements 0.74059
published_at 2026-06-04T12:55:00Z
1
value 0.00781
scoring_system epss
scoring_elements 0.74093
published_at 2026-06-05T12:55:00Z
2
value 0.00781
scoring_system epss
scoring_elements 0.74097
published_at 2026-06-06T12:55:00Z
3
value 0.00781
scoring_system epss
scoring_elements 0.74083
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8378
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8378
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861597
reference_id 861597
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861597
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-8378
risk_score 1.7
exploitability 0.5
weighted_severity 3.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6t38-8fgf-1bct
5
url VCID-9g2f-mkmf-a3a6
vulnerability_id VCID-9g2f-mkmf-a3a6
summary PoDoFo 0.9.5 allows denial of service (infinite recursion and stack consumption) via a crafted PDF file in PoDoFo::PdfParser::ReadDocumentStructure (PdfParser.cpp).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8053
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42072
published_at 2026-06-04T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.42146
published_at 2026-06-05T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.42157
published_at 2026-06-06T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42129
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8053
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8053
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860994
reference_id 860994
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860994
3
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-8053
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9g2f-mkmf-a3a6
6
url VCID-9u5b-zxg1-ckhm
vulnerability_id VCID-9u5b-zxg1-ckhm
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12983
reference_id
reference_type
scores
0
value 0.00407
scoring_system epss
scoring_elements 0.61434
published_at 2026-06-04T12:55:00Z
1
value 0.00407
scoring_system epss
scoring_elements 0.61481
published_at 2026-06-05T12:55:00Z
2
value 0.00407
scoring_system epss
scoring_elements 0.61488
published_at 2026-06-06T12:55:00Z
3
value 0.00407
scoring_system epss
scoring_elements 0.61475
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12983
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12983
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12983
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916580
reference_id 916580
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916580
4
reference_url https://security.archlinux.org/AVG-1427
reference_id AVG-1427
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1427
5
reference_url https://usn.ubuntu.com/7217-1/
reference_id USN-7217-1
reference_type
scores
url https://usn.ubuntu.com/7217-1/
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-12983
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9u5b-zxg1-ckhm
7
url VCID-a5k2-czfx-3qa8
vulnerability_id VCID-a5k2-czfx-3qa8
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7378
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.62962
published_at 2026-06-04T12:55:00Z
1
value 0.00432
scoring_system epss
scoring_elements 0.63004
published_at 2026-06-05T12:55:00Z
2
value 0.00432
scoring_system epss
scoring_elements 0.63013
published_at 2026-06-06T12:55:00Z
3
value 0.00432
scoring_system epss
scoring_elements 0.63002
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7378
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7378
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7378
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859330
reference_id 859330
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859330
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7378
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a5k2-czfx-3qa8
8
url VCID-a7tq-z4ru-x3e4
vulnerability_id VCID-a7tq-z4ru-x3e4
summary Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-12982
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38781
published_at 2026-06-05T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38784
published_at 2026-06-06T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38757
published_at 2026-06-07T12:55:00Z
3
value 0.00374
scoring_system epss
scoring_elements 0.594
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-12982
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12982
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12982
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916581
reference_id 916581
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916581
4
reference_url https://security.archlinux.org/ASA-202101-36
reference_id ASA-202101-36
reference_type
scores
url https://security.archlinux.org/ASA-202101-36
5
reference_url https://security.archlinux.org/AVG-867
reference_id AVG-867
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-867
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-12982
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7tq-z4ru-x3e4
9
url VCID-a97h-vdzy-e7cj
vulnerability_id VCID-a97h-vdzy-e7cj
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7379
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.63004
published_at 2026-06-05T12:55:00Z
1
value 0.00432
scoring_system epss
scoring_elements 0.63013
published_at 2026-06-06T12:55:00Z
2
value 0.00432
scoring_system epss
scoring_elements 0.63002
published_at 2026-06-07T12:55:00Z
3
value 0.00813
scoring_system epss
scoring_elements 0.74622
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7379
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7379
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7379
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859331
reference_id 859331
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859331
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7379
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a97h-vdzy-e7cj
10
url VCID-c18a-ad9t-tuh7
vulnerability_id VCID-c18a-ad9t-tuh7
summary In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5783
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37074
published_at 2026-06-04T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.37164
published_at 2026-06-05T12:55:00Z
2
value 0.00164
scoring_system epss
scoring_elements 0.37171
published_at 2026-06-06T12:55:00Z
3
value 0.00164
scoring_system epss
scoring_elements 0.37139
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5783
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5783
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5783
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916142
reference_id 916142
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916142
4
reference_url https://security.archlinux.org/ASA-202101-36
reference_id ASA-202101-36
reference_type
scores
url https://security.archlinux.org/ASA-202101-36
5
reference_url https://security.archlinux.org/AVG-867
reference_id AVG-867
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-867
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-5783
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c18a-ad9t-tuh7
11
url VCID-dx1p-226q-mkb8
vulnerability_id VCID-dx1p-226q-mkb8
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7380
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.62962
published_at 2026-06-04T12:55:00Z
1
value 0.00432
scoring_system epss
scoring_elements 0.63004
published_at 2026-06-05T12:55:00Z
2
value 0.00432
scoring_system epss
scoring_elements 0.63013
published_at 2026-06-06T12:55:00Z
3
value 0.00432
scoring_system epss
scoring_elements 0.63002
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7380
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7380
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7380
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
reference_id 859329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7380
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dx1p-226q-mkb8
12
url VCID-esuc-bxyu-5yaf
vulnerability_id VCID-esuc-bxyu-5yaf
summary PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5308
reference_id
reference_type
scores
0
value 0.01007
scoring_system epss
scoring_elements 0.77402
published_at 2026-06-04T12:55:00Z
1
value 0.01007
scoring_system epss
scoring_elements 0.7743
published_at 2026-06-07T12:55:00Z
2
value 0.01007
scoring_system epss
scoring_elements 0.77439
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5308
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5308
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854602
reference_id 854602
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854602
4
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
5
reference_url https://usn.ubuntu.com/7217-1/
reference_id USN-7217-1
reference_type
scores
url https://usn.ubuntu.com/7217-1/
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-5308
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-esuc-bxyu-5yaf
13
url VCID-f5rd-ukfj-d7gm
vulnerability_id VCID-f5rd-ukfj-d7gm
summary An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11255
reference_id
reference_type
scores
0
value 0.0042
scoring_system epss
scoring_elements 0.62263
published_at 2026-06-04T12:55:00Z
1
value 0.0042
scoring_system epss
scoring_elements 0.62312
published_at 2026-06-05T12:55:00Z
2
value 0.0042
scoring_system epss
scoring_elements 0.62319
published_at 2026-06-06T12:55:00Z
3
value 0.0042
scoring_system epss
scoring_elements 0.62308
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11255
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11255
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11255
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916584
reference_id 916584
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916584
4
reference_url https://security.archlinux.org/ASA-202101-36
reference_id ASA-202101-36
reference_type
scores
url https://security.archlinux.org/ASA-202101-36
5
reference_url https://security.archlinux.org/AVG-867
reference_id AVG-867
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-867
6
reference_url https://usn.ubuntu.com/7217-1/
reference_id USN-7217-1
reference_type
scores
url https://usn.ubuntu.com/7217-1/
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-11255
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5rd-ukfj-d7gm
14
url VCID-fma7-b6ey-hfce
vulnerability_id VCID-fma7-b6ey-hfce
summary In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5295
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.3869
published_at 2026-06-04T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38781
published_at 2026-06-05T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38784
published_at 2026-06-06T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38757
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5295
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5295
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5295
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889511
reference_id 889511
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889511
4
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-5295
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fma7-b6ey-hfce
15
url VCID-hz7z-m9uk-gff2
vulnerability_id VCID-hz7z-m9uk-gff2
summary The PoDoFo::PdfXObject::PdfXObject function in PdfXObject.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-6848
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.38768
published_at 2026-06-04T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.38857
published_at 2026-06-05T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.38862
published_at 2026-06-06T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.38834
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-6848
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6848
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861565
reference_id 861565
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861565
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-6848
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hz7z-m9uk-gff2
16
url VCID-jut9-e84m-d3eq
vulnerability_id VCID-jut9-e84m-d3eq
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7383
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43389
published_at 2026-06-04T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43461
published_at 2026-06-05T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-06-06T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43448
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7383
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7383
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7383
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
reference_id 859329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7383
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jut9-e84m-d3eq
17
url VCID-jv9p-2xc9-tfbr
vulnerability_id VCID-jv9p-2xc9-tfbr
summary The PoDoFo::PdfXRefStreamParserObject::ReadXRefStreamEntry function in base/PdfXRefStreamParserObject.cpp:224 in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted PDF file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8787
reference_id
reference_type
scores
0
value 0.0045
scoring_system epss
scoring_elements 0.63943
published_at 2026-06-04T12:55:00Z
1
value 0.0045
scoring_system epss
scoring_elements 0.63985
published_at 2026-06-05T12:55:00Z
2
value 0.0045
scoring_system epss
scoring_elements 0.63992
published_at 2026-06-06T12:55:00Z
3
value 0.0045
scoring_system epss
scoring_elements 0.63982
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8787
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8787
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8787
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:N/C:P/I:P/A:P
1
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861738
reference_id 861738
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=861738
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-8787
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jv9p-2xc9-tfbr
18
url VCID-md8c-ewv8-gyf9
vulnerability_id VCID-md8c-ewv8-gyf9
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7994
reference_id
reference_type
scores
0
value 0.00645
scoring_system epss
scoring_elements 0.71069
published_at 2026-06-04T12:55:00Z
1
value 0.00645
scoring_system epss
scoring_elements 0.71112
published_at 2026-06-05T12:55:00Z
2
value 0.00645
scoring_system epss
scoring_elements 0.71118
published_at 2026-06-06T12:55:00Z
3
value 0.00645
scoring_system epss
scoring_elements 0.71102
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7994
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7994
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7994
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860930
reference_id 860930
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860930
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7994
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-md8c-ewv8-gyf9
19
url VCID-nx3g-8rny-2ffm
vulnerability_id VCID-nx3g-8rny-2ffm
summary denial of service
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7382
reference_id
reference_type
scores
0
value 0.0021
scoring_system epss
scoring_elements 0.43389
published_at 2026-06-04T12:55:00Z
1
value 0.0021
scoring_system epss
scoring_elements 0.43461
published_at 2026-06-05T12:55:00Z
2
value 0.0021
scoring_system epss
scoring_elements 0.43472
published_at 2026-06-06T12:55:00Z
3
value 0.0021
scoring_system epss
scoring_elements 0.43448
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7382
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7382
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7382
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
reference_id 859329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859329
3
reference_url https://security.archlinux.org/AVG-216
reference_id AVG-216
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-216
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2017-7382
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nx3g-8rny-2ffm
20
url VCID-pkrw-gaqw-rfe3
vulnerability_id VCID-pkrw-gaqw-rfe3
summary In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-5309
reference_id
reference_type
scores
0
value 0.00624
scoring_system epss
scoring_elements 0.70548
published_at 2026-06-04T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70591
published_at 2026-06-05T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.706
published_at 2026-06-06T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70582
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-5309
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5309
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5309
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-5309
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pkrw-gaqw-rfe3
21
url VCID-verj-pcgf-gufp
vulnerability_id VCID-verj-pcgf-gufp
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-8002
reference_id
reference_type
scores
0
value 0.05842
scoring_system epss
scoring_elements 0.90709
published_at 2026-06-04T12:55:00Z
1
value 0.05842
scoring_system epss
scoring_elements 0.90722
published_at 2026-06-05T12:55:00Z
2
value 0.05842
scoring_system epss
scoring_elements 0.90721
published_at 2026-06-06T12:55:00Z
3
value 0.05842
scoring_system epss
scoring_elements 0.90719
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-8002
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8002
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892557
reference_id 892557
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892557
4
reference_url https://security.archlinux.org/AVG-1427
reference_id AVG-1427
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1427
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44946.txt
reference_id CVE-2018-8002
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/44946.txt
6
reference_url https://usn.ubuntu.com/7217-1/
reference_id USN-7217-1
reference_type
scores
url https://usn.ubuntu.com/7217-1/
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-8002
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-verj-pcgf-gufp
22
url VCID-wm3b-jyn4-dfd5
vulnerability_id VCID-wm3b-jyn4-dfd5
summary In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-6352
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.3869
published_at 2026-06-04T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38781
published_at 2026-06-05T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38784
published_at 2026-06-06T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38757
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-6352
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6352
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://security.archlinux.org/AVG-1426
reference_id AVG-1426
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1426
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-6352
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wm3b-jyn4-dfd5
23
url VCID-y1ss-dj9f-bqge
vulnerability_id VCID-y1ss-dj9f-bqge
summary An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11254
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.3869
published_at 2026-06-04T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38781
published_at 2026-06-05T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38784
published_at 2026-06-06T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38757
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11254
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11254
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11254
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916585
reference_id 916585
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916585
4
reference_url https://security.archlinux.org/ASA-202101-36
reference_id ASA-202101-36
reference_type
scores
url https://security.archlinux.org/ASA-202101-36
5
reference_url https://security.archlinux.org/AVG-867
reference_id AVG-867
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-867
fixed_packages
0
url pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/podofo@0.9.6-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community
aliases CVE-2018-11254
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y1ss-dj9f-bqge
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/podofo@0.9.6-r0%3Farch=aarch64&distroversion=edge&reponame=community