Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/03/20 4:36 p.m.6 views

Security Bulletin: IBM watsonx.data integration has vulnerabilities due to open source packages (CVE-2025-55197)

Summary Open source packages are used as part of the overall processing in IBM watsonx.data integration. Vulnerability Details CVEID:CVE-2025-55197 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM bein...

8.7CVSS7AI score0.00437EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/24 12:0 a.m.9 views

python311-PyPDF2-2.11.1-4.1 on GA media (moderate)

python311-PyPDF2-2.11.1-4.1 on GA media Announcement ID: openSUSE-SU-2026:10238-1 Rating: moderate Cross-References: CVE-2025-55197 CVE-2026-27024 CVE-2026-27025 CVE-2026-27026 Affected Products: openSUSE Tumbleweed An update that solves 4 vulnerabilities can now be installed. Description: These...

8.7CVSS5.5AI score0.00437EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/01/25 11:19 a.m.12 views

Security Bulletin: Multiple Vulnerabilities affecting IBM Watson Studio in Cloud Pak for Data are addressed

Summary There are multiple vulnerabilities impacting IBM Watson Studio in Cloud Pak for Data. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-7647 DESCRIPTION: The llama-index-core package, up to version 0.12.44, contains a...

8.7CVSS5.5AI score0.00437EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/13 11:3 p.m.2 views

CVE-2025-55197 pypdf's Manipulated FlateDecode streams can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are...

8.7CVSS7.2AI score0.00437EPSS
Exploits0References5
OSV
OSV
added 2025/08/13 11:3 p.m.5 views

CVE-2025-55197 pypdf's Manipulated FlateDecode streams can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are...

8.7CVSS6.6AI score0.00437EPSS
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/08/13 7:51 p.m.4 views

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +591 more potentially affected by CVE-2025-55197 via pypdf (>=3.10.0 <=5.9.0)

pypdf PYPI version =3.10.0, =0.1.1, =0.8.1, =0.9.1, =0.2.0, =0.0.2, =0.0.1, =0.0.1, =0.2.0, =0.1.4, =0.1.0a0.dev0, =1.1.3 and more Source cves: CVE-2025-55197 Source advisory: OSV:GHSA-7HFW-26VP-JP8M...

8.7CVSS7AI score0.00437EPSS
Exploits0
Rows per page
Query Builder