
330 matches found

Debian CVE
added 2023/06/30 6:38 p.m. · 13 views

CVE-2023-36807

pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single co...

CVSS 6.5 · AI score 6.3 · EPSS 0.00521
Exploits 1

Prion
added 2023/06/27 10:15 p.m. · 15 views

Design/Logic Flaw

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...

CVSS 1.9 · AI score 5.3 · EPSS 0.00342
Exploits 1 · References 3 · Affected Software 2

Vulnrichment
added 2023/06/27 9:24 p.m. · 13 views

CVE-2023-36464 Infinite Loop when a comment isn't followed by a character in pypdf

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...

CVSS 6.2 · AI score 6.6 · EPSS 0.00342
Exploits 1 · References 3

CVE
added 2023/06/27 9:24 p.m. · 57 views

CVE-2023-36464

The CVE-2023-36464 entry concerns the Python library pypdf. An attacker could craft a PDF that triggers an infinite loop during content stream parsing (__parse_content_stream), potentially leading to denial of service (availability impact) as described in the linked PRs. The issue was introduced ...

CVSS 6.2 · AI score 5.7 · EPSS 0.00342
Exploits 1 · References 3 · Affected Software 2

Cvelist
added 2023/06/27 9:24 p.m. · 22 views

CVE-2023-36464 Infinite Loop when a comment isn't followed by a character in pypdf

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...

CVSS 6.2 · AI score 6.3 · EPSS 0.00342
Exploits 1 · References 3

Debian CVE
added 2023/06/27 9:24 p.m. · 17 views

CVE-2023-36464

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if __parse_content_stream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...

CVSS 6.2 · AI score 5.8 · EPSS 0.00342
Exploits 1

CNNVD
added 2023/06/27 12:00 a.m. · 2 views

PyPDF2 security vulnerability

PyPDF2 is a free, open source, pure-Python PDF library able to split, merge, crop and convert pages of a PDF file. PyPDF2 versions 2.2.0 to 3.8.1 have a security vulnerability: an attacker may be able to create a PDF that, if __parse_content_stream is executed, will...

CVSS 6.2 · AI score 6 · EPSS 0.00342
Exploits 1 · References 5

Tenable Nessus
added 2023/06/19 12:00 a.m. · 20 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : PyPDF2 vulnerability (USN-6176-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6176-1 advisory. It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processin...

CVSS 6.2 · AI score 6 · EPSS 0.01279
Exploits 1 · References 2

BDU FSTEC
added 2023/03/11 12:00 a.m. · 3 views

A vulnerability in the APDFL.dll library, used by the 3D JT/JT2Go viewing tool and the Teamcenter Visualization lifecycle management system, allows an attacker to execute arbitrary code.

The vulnerability of the APDFL.dll library, which is used by 3D JT, JT2Go, and Teamcenter Visualization lifecycle management systems, relates to operations that occur outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

CVSS 7.8 · AI score 7.7 · EPSS 0.00436
Exploits 0 · References 5 · Affected Software 2

SUSE CVE
added 2023/02/15 3:27 a.m. · 1 view

SUSE CVE-2022-24859

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the code attempts to get the content...

CVSS 6.2 · AI score 5.9 · EPSS 0.01279
Exploits 1 · References 4

OpenVAS
added 2023/01/19 12:00 a.m. · 16 views

Debian: Security Advisory (DLA-3273-1)

The remote host is missing an update for the Debian...

CVSS 9.8 · AI score 9.6 · EPSS 0.05215
Exploits 1 · References 4

Debian
added 2023/01/18 10:01 p.m. · 30 views

[SECURITY] [DLA 3273-1] libitext5-java security update

Debian LTS Advisory DLA-3273-1
https://www.debian.org/lts/security/ Markus Koschany
January 18, 2023 https://wiki.debian.org/LTS

Package : libitext5-java
Version : 5.5.13-1+deb10u1
CVE ID : CVE-2021-43113
Debian Bug : 1014597

It was discovered that the CompareTool of...

CVSS 9.8 · AI score 7.2 · EPSS 0.05215
Exploits 1

OSV
added 2023/01/13 1:15 a.m. · 4 views

CVE-2022-3160

The APDFL.dll contains an out-of-bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process...

CVSS 7.8 · AI score 6.1 · EPSS 0.00436
Exploits 0 · References 3

OSV
added 2022/09/23 6:15 p.m. · 3 views

UBUNTU-CVE-2022-35099

SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc...

CVSS 5.5 · AI score 5.8 · EPSS 0.00386
Exploits 1 · References 4

OSV
added 2022/09/21 1:15 p.m. · 0 views

UBUNTU-CVE-2022-38928

XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393...

CVSS 7.8 · AI score 6.7 · EPSS 0.00392
Exploits 1 · References 3

Positive Technologies
added 2022/09/07 12:00 a.m. · 2 views

PT-2022-7124 · Pypi +1 · Pypdf2 +1

Name of the Vulnerable Software and Affected Versions: PyPDF2 versions prior to 2.10.6

Description: The issue is related to a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker can craft a PDF that leads to an infinite loop,...

CVSS 7.8 · AI score 6.2 · EPSS 0.00521
Exploits 1 · References 18

OSV
added 2022/08/16 9:15 p.m. · 1 view

CVE-2022-38229

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc...

CVSS 7.8 · AI score 5.8 · EPSS 0.00324
Exploits 1 · References 1

OSV
added 2022/08/16 9:15 p.m. · 4 views

CVE-2022-38227

XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp...

CVSS 7.8 · AI score 5.8 · EPSS 0.00328
Exploits 1 · References 1

OSV
added 2022/08/16 9:15 p.m. · 1 view

UBUNTU-CVE-2022-38230

XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage at /xpdf/Stream.cc...

CVSS 5.5 · AI score 5.8 · EPSS 0.00287
Exploits 1 · References 3

OSV
added 2022/08/16 9:15 p.m. · 2 views

UBUNTU-CVE-2022-38233

XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::readMCURow at /xpdf/Stream.cc...

CVSS 5.5 · AI score 6 · EPSS 0.00286
Exploits 1 · References 3