CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-46205

A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.9%

CVSS Severity

CVSS v3 Score 8.1

References

https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-46205.md
https://github.com/ShadowByte1/CVE-Reports/issues/1
https://github.com/podofo/podofo

Products affected by CVE-2025-46205

Podofo Project » Podofo » Version: 0.10.0

cpe:2.3:a:podofo_project:podofo:0.10.0
Podofo Project » Podofo » Version: 0.10.1

cpe:2.3:a:podofo_project:podofo:0.10.1
Podofo Project » Podofo » Version: 0.10.2

cpe:2.3:a:podofo_project:podofo:0.10.2
Podofo Project » Podofo » Version: 0.10.3

cpe:2.3:a:podofo_project:podofo:0.10.3
Podofo Project » Podofo » Version: 0.10.4

cpe:2.3:a:podofo_project:podofo:0.10.4
Podofo Project » Podofo » Version: 0.10.5

cpe:2.3:a:podofo_project:podofo:0.10.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-46205

Products

Pricing

Contact Us