3 matches found
EUVD-2025-206704
pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...
Fedora 43 : python-pdfminer (2025-e77e051f0c)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e77e051f0c advisory. Update to 20251230: security fix for CVE-2025-64512 https://github.com/pdfminer/pdfminer.six/blob/20251230/CHANGELOG.md Tenable has extracted the preceding...
PT-2026-5984
Name of the Vulnerable Software and Affected Versions pdfminer.six versions prior to 20251230 Description pdfminer.six contains an insecure deserialization issue in the CMap loading mechanism. The library utilizes Python pickle to deserialize CMap cache files without proper validation. An attacke...