Every CVE whose affected-product data names Pocoproject Poco, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-52389 — CVSS 9.8 (critical): UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer overflow because Poco::UTF32Encoding::conver…
CVE-2025-45766 — CVSS 7.0 (high): poco v1.14.1-release was discovered to contain weak encryption. NOTE: this issue has been disputed on the basis that key lengths are…
CVE-2017-1000472 — CVSS 6.5 (medium): The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename…
CVE-2025-6375 — CVSS 3.3 (low): A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function…