CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-18972

Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to obtain sensitive information via 'IsNextToken' in the component 'src/base/PdfToenizer.cpp'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.5%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://sourceforge.net/p/podofo/tickets/49/
https://sourceforge.net/p/podofo/tickets/49/

Products affected by CVE-2020-18972

Podofo Project » Podofo » Version: 0.9.6

cpe:2.3:a:podofo_project:podofo:0.9.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-18972

Products

Pricing

Contact Us