89 matches found
USN-6176-1: PyPDF2 vulnerability
It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : PyPDF2 vulnerability (USN-6176-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6176-1 advisory. It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processin...
Ubuntu: Security Advisory (USN-6176-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian: Security Advisory (DLA-3451-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian dla-3451 : python-pypdf2 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3451 advisory. Debian LTS Advisory DLA-3451-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3451-1] pypdf2 security update
Debian LTS Advisory DLA-3451-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 09, 2023 https://wiki.debian.org/LTS Package : pypdf2 Version : 1.26.0-2+deb10u1 CVE ID : CVE-2022-24859 Debian Bug : 1009879 Sebastian Krause discovered that manipulated inline...
Mageia: Security Advisory (MGASA-2022-0224)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Updated python-pypdf2 packages fix security vulnerability
Infinite loop with manipulated inline images CVE-2022-24859...
MGASA-2022-0224 Updated python-pypdf2 packages fix security vulnerability
Infinite loop with manipulated inline images CVE-2022-24859...
Debian: Security Advisory (DLA-3039-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DLA 3039-1] pypdf2 security update
Debian LTS Advisory DLA-3039-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 03, 2022 https://wiki.debian.org/LTS Package : pypdf2 Version : 1.26.0-2+deb9u1 CVE ID : CVE-2022-24859 Debian Bug : 1009879 Sebastian Krause discovered that manipulated inline...
Debian DLA-3039-1 : pypdf2 - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3039 advisory. Sebastian Krause discovered that manipulated inline images can force PyPDF2, a pure Python PDF library, into an infinite loop, if a maliciously crafted PDF file is processe...
DLA-3039-1 pypdf2 - security update
Bulletin has no description...
addpage (=0.2.0), amazon-textract-helper (>=0.0.2 <=0.0.30) +88 more potentially affected by CVE-2022-24859 via pypdf2 (>=1.24.0 <=1.27.12)
pypdf2 PYPI version =1.24.0, =0.0.2, =0.0.1, =0.0.2, =0.0.1, =0.1.1, =0.1.1, =0.2.0, =0.1.0, =0.0.1, =1.1.0, =0.9.0, =1.0.0, =2.0.0 - dftimewolf =20200608.0.0a0 and more Source cves: CVE-2022-24859 Source advisory: OSV:GHSA-XCJX-M2PJ-8G79...
GHSA-XCJX-M2PJ-8G79 Manipulated inline images can cause Infinite Loop in PyPDF2
Impact: An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 user wrote the following code: from PyPDF2 import PdfFileReader, PdfFileWriter; from PyPDF2.pdf import ContentStream; reader = PdfFileReader("malicious.pdf", strict=False); for page in...
Manipulated inline images can cause Infinite Loop in PyPDF2
Impact: An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 user wrote the following code: from PyPDF2 import PdfFileReader, PdfFileWriter; from PyPDF2.pdf import ContentStream; reader = PdfFileReader("malicious.pdf", strict=False); for page in...
Denial Of Service (DoS)
pypdf2 is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to an infinite loop in the 'readInlineImage' function in pdf.py, which allows a malicious attacker to crash the system by sending a PDF file...
CVE-2022-24859
PyPDF2 is an open source Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the code attempts to get the content...
CVE-2022-24859
PyPDF2 is an open source Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the code attempts to get the content...
Code injection
PyPDF2 is an open source Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the code attempts to get the content...