Lucene search
K

41 matches found

RedhatCVE
RedhatCVE
added 3 days ago6 views

CVE-2026-59937

A flaw was found in pypdf, a pure-python PDF library. A remote attacker could exploit this vulnerability by crafting a malicious PDF file containing repeated malformed cross-reference streams. This could cause the pypdf library to spend excessive time recovering broken cross-reference table...

7.5CVSS6AI score0.00345EPSS
Exploits0References7
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-59937 pypdf: Possible long runtimes for repeated malformed cross-reference entries

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0...

6.9CVSS0.00345EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59937

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0...

6.9CVSS6AI score0.00345EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago12 views

PT-2026-56527

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.0 Description An attacker can craft a PDF containing repeated malformed cross-reference streams. This causes the library to spend excessive runtimes attempting to recover broken cross-reference table entries, leadi...

7.5CVSS6.1AI score0.00345EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/12 6:29 p.m.15 views

EUVD-2026-32913

pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams...

5.1CVSS5.1AI score0.00124EPSS
Exploits0References5
OSV
OSV
added 2026/06/12 6:29 p.m.9 views

GHSA-248M-82V9-Q6G6 pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. Patches This has been fixed in pypdf==6.12.0. Workarounds If developers are unable to upgrade their apps immediately, the...

5.1CVSS5.2AI score0.00124EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/06/12 6:29 p.m.16 views

pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. Patches This has been fixed in pypdf==6.12.0. Workarounds If developers are unable to upgrade their apps immediately, the...

5.1CVSS5.1AI score0.00124EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/04 10:7 p.m.13 views

CVE-2026-48156

A flaw was found in pypdf, a free and open-source pure-python PDF library. A remote attacker could exploit this vulnerability by crafting a malicious PDF file. This file, containing specific cross-reference streams with /W 0 0 0 values and large /Size values, can lead to excessively long processi...

5.1CVSS5.7AI score0.00124EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/30 1:59 a.m.21 views

SUSE CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/28 4:50 p.m.11 views

Excessive Iteration

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Excessive Iteration via the processing of cross-reference streams containing /W values set to 0 0 0 and large /Size values. An...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References2
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

DEBIAN-CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

3.3CVSS5.8AI score0.00124EPSS
Exploits0References1
NVD
NVD
added 2026/05/28 4:16 p.m.20 views

CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 4:16 p.m.18 views

UBUNTU-CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 2:50 p.m.14 views

CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/05/28 2:50 p.m.50 views

CVE-2026-48156

The CVE affects the Python PDF library pypdf (prior to 6.12.0). A crafted PDF leveraging cross-reference streams with /W [0 0 0] and large /Size can cause long runtimes. Fixed in 6.12.0; remediation is to upgrade to that version or later.

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/28 2:50 p.m.34 views

CVE-2026-48156 pypdf: Possible long runtimes for zero-only width values in cross-reference streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS0.00124EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/28 2:50 p.m.15 views

CVE-2026-48156 pypdf: Possible long runtimes for zero-only width values in cross-reference streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/05/28 2:50 p.m.12 views

CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.13 views

PT-2026-44393

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.12.0 Description A flaw in the pure-python PDF library allows an attacker to craft a PDF file that causes long runtimes. This is achieved by using cross-reference streams with /W 0 0 0 values and large /Size values...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References13
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.12 views

openSUSE 16 Security Update : python-PyPDF2 (openSUSE-SU-2026:20794-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20794-1 advisory. Changes in python-PyPDF2: - CVE-2026-41312: Fixed issue where crafed PDF can lead to resources exhaustion bsc1262675 - CVE-2026-41314: Fixed a...

6.9CVSS5.9AI score0.00297EPSS
Exploits0References9
Rows per page
Query Builder