336 matches found
OPENSUSE-SU-2026:11238-1 python313-pypdf-6.14.2-1.1 on GA media
These are all security issues fixed in the python313-pypdf-6.14.2-1.1 package on the GA media of openSUSE Tumbleweed...
Linux Distros Unpatched Vulnerability : CVE-2026-59937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause...
DEBIAN-CVE-2026-59938
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...
PT-2026-56546
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.2 Description An attacker can craft a PDF file with a page content stream containing an unterminated inline image that utilizes ASCII85 or ASCIIHex filters. This leads to an infinite loop during the parsing process...
UBUNTU-CVE-2026-49460
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...
UBUNTU-CVE-2026-54651
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is fixed in 6.13.1...
Debian dsa-6334 : gir1.2-poppler-0.18 - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6334 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6334-1 [email protected]...
CVE-2026-9958
An use after free flaw was found in the PDFium component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504555886...
Linux Distros Unpatched Vulnerability : CVE-2026-48155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory...
Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in jsPDF (CVE-2026-24040, CVE-2026-24043, CVE-2026-24133, CVE-2026-24737)
Summary Multiple vulnerabilities in the jsPDF library used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the library to version 4.0.0. Vulnerability Details CVEID:CVE-2026-24040 DESCRIPTION: jsPDF is a library to generate PDFs in JavaScript. Prior to 4.1.0, the addJS...
ROS-20260512-73-0003
Vulnerability in python-PyPDF2 related to algorithmic complexity. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerabilities in pypdf-6.5.0-py3-none-any.whl
Summary IBM Watson Discovery Cartridge affected by vulnerabilities in pypdf-6.5.0-py3-none-any.whl Vulnerability Details CVEID:CVE-2026-22690 DESCRIPTION: pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object wit...
python311-pypdf-6.10.2-2.1 on GA media (moderate)
python311-pypdf-6.10.2-2.1 on GA media Announcement ID: openSUSE-SU-2026:10658-1 Rating: moderate Cross-References: CVE-2026-41168 CVE-2026-41312 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed i...
CVE-2026-41312
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...
CVE-2026-41314
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using /FlateDecode with large size values. This has been fixed in pypdf 6.10.2...
UBUNTU-CVE-2026-41312
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using /FlateDecode with a /Predictor unequal 1 and large predictor...
UBUNTU-CVE-2026-41168
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...
OPENSUSE-SU-2026:20598-1 Security update for python-PyPDF2
This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-40260: crafted PDF can lead to large memory usage bsc1262284...
OPENSUSE-SU-2026:10582-1 python311-PyPDF2-2.11.1-9.1 on GA media
These are all security issues fixed in the python311-PyPDF2-2.11.1-9.1 package on the GA media of openSUSE Tumbleweed...
CVE-2026-40260
pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has...