Lucene search
K

129 matches found

Veracode
Veracode
added 2026/06/23 10:21 a.m.7 views

Uncontrolled Resource Consumption

pypdf is vulnerable to Uncontrolled Resource Consumption. The vulnerability is due to inefficient processing of PDF streams using the /FlateDecode filter with a PNG predictor, where specially crafted PDF content can trigger excessive computation during stream decoding, allowing attackers to cause...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-49460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 9:16 p.m.9 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS0.00117EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 9:16 p.m.5 views

UBUNTU-CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:28 p.m.2 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/06/22 8:28 p.m.21 views

CVE-2026-49460

CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/06/22 8:28 p.m.6 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0
OSV
OSV
added 2026/06/22 8:28 p.m.4 views

CVE-2026-49460 pypdf: Inefficient decoding of FlateDecode PNG predictor streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/06/16 1:46 p.m.9 views

pypdf: Inefficient decoding of FlateDecode PNG predictor streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. Patches This has been fixed in pypdf==6.12.2. Workarounds If you cannot upgrade yet, consider applying the changes...

5.1CVSS5.2AI score0.00117EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/06/16 1:46 p.m.7 views

Inefficient Algorithmic Complexity

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the FlateDecode PNG predictor streams. An attacker can cause excessive resource consumption...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References2
OSV
OSV
added 2026/06/16 1:46 p.m.6 views

GHSA-5HGR-HG42-57JG pypdf: Inefficient decoding of FlateDecode PNG predictor streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. Patches This has been fixed in pypdf==6.12.2. Workarounds If you cannot upgrade yet, consider applying the changes...

5.1CVSS5.3AI score0.00117EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/25 11:9 a.m.7 views

CVE-2026-41314

A flaw was found in pypdf, a pure-Python PDF library. An attacker can exploit this vulnerability by crafting a malicious PDF file that accesses an image using /FlateDecode with large size values. This can lead to memory exhaustion, resulting in a Denial of Service DoS for the system processing th...

6.5CVSS5.4AI score0.00226EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.7 views

SUSE CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 10:16 p.m.6 views

CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

6.5CVSS0.00226EPSS
Exploits0References4
OSV
OSV
added 2026/04/22 10:16 p.m.7 views

DEBIAN-CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

6.5CVSS5.3AI score0.00226EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/22 9:8 p.m.6 views

CVE-2026-41314 pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/22 9:8 p.m.30 views

CVE-2026-41314 pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS0.00226EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/04/22 9:8 p.m.10 views

CVE-2026-41314

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

6.5CVSS5.3AI score0.00226EPSS
Exploits0
OSV
OSV
added 2026/04/22 9:8 p.m.1 views

CVE-2026-41314 pypdf: Manipulated FlateDecode image dimensions can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...

4.8CVSS5.8AI score0.00226EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/22 9:2 p.m.6 views

CVE-2026-41312 pypdf: Manipulated FlateDecode predictor parameters can exhaust RAM

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...

4.8CVSS5.6AI score0.00226EPSS
Exploits0References4
Rows per page
Query Builder