CNNVD-202510-028 Information

CNNVD ID

CNNVD-202510-028

Related CVE

CVE-2025-46205

• CNNVD Published: 2025-10-01

Description (Chinese)

PoDoFo是PoDoFo开源的一个免费的可移植 C++ 库。 podofo v0.10.0版本至v0.10.5版本存在安全漏洞，该漏洞源于PdfTokenizer::ReadDictionary函数存在释放后重用问题，可能导致拒绝服务攻击。

Description (English)

PoDoFo is a free portable C++ library at PoDoFo Open Source. There is a security loophole in the Podofo v. 0.10.0 to v. 0.105, which stems from the post-release reuse problem in the PdfTokenizer::ReadDictionary function, which may lead to a denial of service attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

PoDoFo

Published

2025-10-01

Last Modified

2026-02-24

References

https://github.com/ShadowByte1/CVE-Reports/issues/1 https://github.com/podofo/podofo https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-46205.md