CVE-2025-46205

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions podofo versions 0.10.0 through 0.10.5

Description A heap-use-after-free issue exists in the PdfTokenizer::ReadDictionary function. This allows attackers to potentially cause a Denial of Service (DoS) by providing a specially crafted PDF file.

Recommendations Update podofo to a version newer than 0.10.5.

Exploit

Fix

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

CVE-2025-46205

Affected Products

Debian

Podofo

CVE-2025-46205

Weakness Enumeration

Related Identifiers

Affected Products

References · 15