openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20348-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20348-1 advisory. Changes in python-PyPDF2: - CVE-2026-28804: Denial of Service via crafted PDF with ASCIIHexDecode filter bsc1259404 - Update sources with osc run...

OPENSUSE-SU-2026:20348-1 Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-28804: Denial of Service via crafted PDF with ASCIIHexDecode filter bsc1259404 - Update sources with osc run downloadfiles...

Inefficient Decoding

pypdf is vulnerable to inefficient decoding of ASCIIHexDecode streams. The vulnerability is due to an attacker being able to craft a PDF which leads to long runtimes, where accessing a stream uses the /ASCIIHexDecode filter and can be exploited by attackers to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-28804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long...

DEBIAN-CVE-2026-28804

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5...

CVE-2026-28804 pypdf: Inefficient decoding of ASCIIHexDecode streams

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5...

CVE-2026-28804

The connected advisory describes a pypdf vulnerability (GHSA-9M86-7PMV-2852) where inefficient decoding of ASCIIHexDecode streams in PDFs can cause long runtimes. Exploitation requires accessing a stream using the ASCIIHexDecode filter. The advisory notes a fix in pypdf 6.7.5 and suggests a worka...

CVE-2026-28804

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5...

CVE-2026-28804 pypdf: Inefficient decoding of ASCIIHexDecode streams

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5...

GHSA-9M86-7PMV-2852 pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. Patches This has been fixed in pypdf==6.7.5. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3666...

pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. Patches This has been fixed in pypdf==6.7.5. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3666...

Inefficient Algorithmic Complexity

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity due to the inefficient decoding of ASCIIHexDecode streams. An attacker can cause excessive...

PT-2026-23002

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.7.5 Description A crafted PDF file can cause excessive processing time when accessing a stream that utilizes the /ASCIIHexDecode filter. This issue affects the pypdf library. Recommendations Update to version 6.7.5 or...

CVE-2008-5409

Unspecified vulnerability in the pdf.xmd module in 1 BitDefender Free Edition 10 and Antivirus Standard 10, 2 BullGuard Internet Security 8.5, and 3 Software602 Groupware Server 6.0.08.1118 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code v...

BitDefender 'pdf.xmd' Module PDF Parsing Remote DoS Vulnerability

This host is installed with BitDefender Internet Security and AntiVirus and is prone to denial of service vulnerability. The flaw is due to boundary error in 'pdf.xmd' module when parsing of data encoded using 'FlateDecode' and 'ASCIIHexDecode' filters. This can be exploited to cause a memory...

BitDefender pdf.xmd模块PDF解析远程拒绝服务漏洞

BUGTRAQ ID: 32396 BitDefender Antivirus是具有功能强大的反病毒引擎以及互联网过滤技术的杀毒软件。 BitDefender Antivirus的pdf.xmd模块在处理使用FlateDecode和ASCIIHexDecode压缩选项所压缩的数据时存在拒绝服务漏洞。如果用户受骗打开了设置有特制/JavaScript对象标签的pdf文件的话，就可能在扫描文件时触发死循环，导致程序崩溃。 Softwin BitDefender Antivirus 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

BitDefender - Module pdf.xmd Infinite Loop Denial of Service (PoC)

BitDefender - Module pdf.xmd Infinite Loop Denial of Service PoC Deny Of Service and infinite loop in BitDefender module pdf.xmd / ProTeuS @ cih.ms / tested on pdf.xmd BitDefender's pdf engine by Alexandru Matei 0.1,Oct 8 2008, CRC32=A393F805 and on pdf.xmd last update by the moment of publicatio...