Lucene search
K

6 matches found

CVE
CVE
added yesterday3 views

CVE-2026-59935

The CVE affects the Python PDF library pypdf prior to 6.14.2, where a crafted PDF page content stream with an inline image not terminated and using ASCII85/ASCIIHex filters can cause an infinite loop during parsing (e.g., text extraction). This may impact availability (as per CVSS) with no confid...

8.7CVSS6AI score
Exploits0References4
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in qpdf

A issue was discovered in QPDF version 10.0.4, allowing remote attackers to execute arbitrary code via a crafted .pdf file, through the PlASCII85Decoder::write parameter in libqpdf...

5.3CVSS5.5AI score0.00503EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in qpdf

QPDF versions 9.x through 9.1.1, and 10.x through 10.0.4 have a heap-based buffer overflow in the PlASCII85Decoder::write function invoked from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write operation fails...

5.5CVSS5.2AI score0.01272EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/04/14 12:0 a.m.7 views

The vulnerability of the command-line PDF conversion tool QPDF lies in its memory usage after it is freed. This allows a malicious actor to execute arbitrary code.

The vulnerability of the command-line PDF conversion tool QPDF relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code by processing the PlASCII85Decoder::write parameter...

5.3CVSS6AI score0.00503EPSS
Exploits1References10Affected Software6
OSV
OSV
added 2021/07/20 7:15 a.m.5 views

DEBIAN-CVE-2021-36978

QPDF 9.x through 9.1.1 and 10.x through 10.0.4 has a heap-based buffer overflow in PlASCII85Decoder::write called from PlAESPDF::flush and PlAESPDF::finish when a certain downstream write fails...

5.5CVSS7.5AI score0.01272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/01/11 12:0 a.m.5 views

PT-2021-21416 · Qpdf +4 · Qpdf +4

Name of the Vulnerable Software and Affected Versions: QPDF versions 9.x through 9.1.1 QPDF versions 10.x through 10.0.4 Description: The issue is a heap-based buffer overflow in Pl ASCII85Decoder::write, which is called from Pl AES PDF::flush and Pl AES PDF::finish, occurring when a certain...

6.5CVSS4.4AI score0.01281EPSS
Exploits3References54
Rows per page
Query Builder