2 matches found
OPENSUSE-SU-2026:20333-1 Security update for python-PyPDF2
This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-27628: Fixed infinite loop when loading circular /Prev entries in cross-reference streams bsc1258940 - CVE-2026-27888: Fixed issue where manipulated FlateDecode XFA streams can exhaust RAM bsc1258934 -...
GHSA-WGVP-VG3V-2XQ3 pypdf has possible long runtimes/large memory usage for large /ToUnicode streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and large memory consumption. This requires parsing the /ToUnicode entry of a font with unusually large values, for example during text extraction. Patches This has been fixed in pypdf==6.7.1. Workarounds ...