Lucene search
+L

83 matches found

redhatcve
redhatcve
added 6 days ago10 views

CVE-2026-59938

A flaw was found in pypdf, a free and open-source pure-python PDF library. An attacker can exploit this vulnerability by crafting a malicious PDF file with image size values that are significantly larger than the actual embedded image data, causing pypdf to allocate large amounts of memory when...

6.9CVSS6AI score0.00303EPSS
Exploits0References7
redhatcve
redhatcve
added 6 days ago7 views

CVE-2026-59935

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References7
euvd
euvd
added last week11 views

EUVD-2026-38358

pypdf: Possible infinite loop when processing threads/articles in writer...

6.9CVSS5.9AI score0.00111EPSS
Exploits0References4
osv
osv
added 2026/07/08 8:16 p.m.2 views

UBUNTU-CVE-2026-59935

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References4
osv
osv
added 2026/07/08 8:16 p.m.3 views

UBUNTU-CVE-2026-59936

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS6.1AI score0.00345EPSS
Exploits0References4
debiancve
debiancve
added 2026/07/08 7:34 p.m.5 views

CVE-2026-59936

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS6AI score0.00345EPSS
Exploits0
osv
osv
added 2026/07/08 7:34 p.m.3 views

CVE-2026-59935 pypdf: Possible infinite loop for not terminated inline images (ASCII85 and ASCIIHex filter)

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References6
nvd
nvd
added 2026/07/08 6:16 p.m.16 views

CVE-2026-59937

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0...

7.5CVSS0.00345EPSS
Exploits0References4
osv
osv
added 2026/07/08 6:16 p.m.4 views

UBUNTU-CVE-2026-59938

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...

6.9CVSS6.1AI score0.00303EPSS
Exploits0References4
debiancve
debiancve
added 2026/07/08 5:24 p.m.5 views

CVE-2026-59938

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...

6.9CVSS6AI score0.00303EPSS
Exploits0
attackerkb
attackerkb
added 2026/07/08 5:24 p.m.6 views

CVE-2026-59938

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...

6.9CVSS6AI score0.00303EPSS
Exploits0References5Affected Software1
osv
osv
added 2026/07/08 5:24 p.m.3 views

CVE-2026-59938 pypdf: Possible large memory usage for wrong image dimensions

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0...

6.9CVSS6.1AI score0.00303EPSS
Exploits0References6
nessus
nessus
added 2026/07/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-57204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can...

6.9CVSS5.9AI score0.00206EPSS
Exploits0References3
osv
osv
added 2026/06/30 10:16 p.m.7 views

DEBIAN-CVE-2026-57204

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAXDECLAREDSTREAMLENGTH is sometimes ignored. This requires parsing a content stream...

6.5CVSS5.7AI score0.00206EPSS
Exploits0References1
nessus
nessus
added 2026/06/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-49460

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3
nessus
nessus
added 2026/06/23 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-54651

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loo...

6.9CVSS5.9AI score0.00111EPSS
Exploits0References3
nvd
nvd
added 2026/06/22 9:16 p.m.12 views

CVE-2026-54530

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...

6.9CVSS0.00123EPSS
Exploits0References3
osv
osv
added 2026/06/22 9:16 p.m.5 views

DEBIAN-CVE-2026-54531

pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References1
osv
osv
added 2026/06/22 9:16 p.m.4 views

DEBIAN-CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References1
debiancve
debiancve
added 2026/06/22 8:28 p.m.9 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0
Rows per page
Query Builder