Astra Linux - уязвимость в pypdf2

PyPDF2 is an open-source Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5, an attacker who exploited this vulnerability could create a PDF that would lead to an infinite loop if the PyPDF2 code attempted to access the...

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.2

Red Hat OpenShift Service Mesh 3.2.2 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....

CLEANSTART-2026-KN30288 Security fixes for GHSA-2GH3-RMM4-6RQ5, GHSA-434X-W66G-QW3R, GHSA-R6V5-FH4H-64XC, GHSA-RHFX-M35P-FF5J, GHSA-XWFJ-JGWM-7WP5 applied in versions: 1.27.5-r1, 1.27.6-r0

Multiple security vulnerabilities affect the ztunnel-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

EUVD-2024-44844

Malicious code in bioql PyPI...

CVE-2024-50413

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Stored XSS.This issue affects Import and export users and customers: from n/a through = 1.27.5...

CVE-2025-0755 MongoDB C Driver bson library may be susceptible to buffer overflow

The various bsonappend functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size INT32MAX, resulting in a segmentation fault and possible application crash. This...

WordPress Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Post and Page Builder by BoldGrid versions = 1.27.5...

WordPress plugin Import and export users and customers 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

PT-2024-34187 · Unknown · Codection Import/Export Users/Customers

Name of the Vulnerable Software and Affected Versions: codection Import and export users and customers versions 1.27.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.27.5...

PT-2024-3092 · Envoy +1 · Envoy +1

Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.27.5 Envoy versions prior to 1.28.3 Envoy versions prior to 1.29.4 Envoy versions prior to 1.30.1 Description: The issue arises when an upstream TLS cluster is used with auto sni enabled and a request contains a...

PYSEC-2022-194

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

PYSEC-2022-194

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

CVE-2022-24859

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

CVE-2022-24859 Manipulated inline images can cause Infinite Loop in PyPDF2

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

PyPDF2 安全漏洞

PyPDF2 is a free open source pure python PDF library . It can split, merge, crop and convert pages in PDF files. PyPDF2 has a security vulnerability that originated in versions prior to 1.27.5, which allows an attacker to create PDFs that will result in an infinite loop if PyPDF2 if the code trie...

DEBIAN-CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...