5 matches found
GHSA-8X2R-V9X5-3QGH Duplicate Advisory: Insecure Deserialization (pickle) in pdfminer.six CMap Loader - Local Privesc
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f83h-ghpp-7wcc. This link is maintained to preserve external references. Original Description: pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The...
Duplicate Advisory: Insecure Deserialization (pickle) in pdfminer.six CMap Loader - Local Privesc
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-f83h-ghpp-7wcc. This link is maintained to preserve external references. Original Description: pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The...
Insecure Deserialization (pickle) in pdfminer.six CMap Loader - Local Privesc
Overview: This report demonstrates a real-world privilege escalation vulnerability in pdfminer.six due to unsafe usage of Python's pickle module for CMap file loading. It shows how a low-privileged user can gain root access or escalate to any service account by exploiting insecure deserializatio...
EUVD-2025-38331
Insecure Deserialization pickle in pdfminer.six CMap Loader - Local Privesc...
GHSA-F83H-GHPP-7WCC Insecure Deserialization (pickle) in pdfminer.six CMap Loader - Local Privesc
Overview: This report demonstrates a real-world privilege escalation vulnerability in pdfminer.six due to unsafe usage of Python's pickle module for CMap file loading. It shows how a low-privileged user can gain root access or escalate to any service account by exploiting insecure deserializatio...