In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
{ "cpe": "cpe:2.3:a:podofo_project:podofo:0.9.5:*:*:*:*:*:*:*", "source": "CPE_STRING", "extracted_events": [ { "introduced": "0.9.5" }, { "last_affected": "0.9.5" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5295.json"