Lucene search
+L

13 matches found

OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.4 views

openSUSE Security Advisory (openSUSE-SU-2024:0366-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS7.1AI score0.01317EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/11/13 12:0 a.m.12 views

openSUSE 15 Security Update : python-PyPDF2 (openSUSE-SU-2024:0366-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2024:0366-1 advisory. - CVE-2022-24859: Fixed infinite loop vulnerability boo1198588 Tenable has extracted the preceding description block directly from the SUSE security...

6.2CVSS6AI score0.01317EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2024/11/12 12:0 a.m.15 views

Security update for python-PyPDF2 (moderate)

openSUSE Security Update: Security update for python-PyPDF2 Announcement ID: openSUSE-SU-2024:0366-1 Rating: moderate References: 1198588 Cross-References: CVE-2022-24859 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description:This...

6.2CVSS5.9AI score0.01317EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/06/19 12:0 a.m.21 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : PyPDF2 vulnerability (USN-6176-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6176-1 advisory. It was discovered that PyPDF2 incorrectly handled certain PDF files. If a user or automated system were tricked into processin...

6.2CVSS6AI score0.01317EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/06/12 12:0 a.m.30 views

Debian dla-3451 : python-pypdf2 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3451 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3451-1 [email protected] https://www.debian.org/lts/security/...

6.2CVSS6AI score0.01317EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/06/10 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2022-0224)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS5.5AI score0.01317EPSS
Exploits1References4
Mageia
Mageia
added 2022/06/09 8:49 p.m.63 views

Updated python-pypdf2 packages fix security vulnerability

Infinite loop with manipulated inline images CVE-2022-24859...

6.2CVSS1.8AI score0.01317EPSS
Exploits1References2
Debian
Debian
added 2022/06/03 10:48 a.m.66 views

[SECURITY] [DLA 3039-1] pypdf2 security update

Debian LTS Advisory DLA-3039-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany June 03, 2022 https://wiki.debian.org/LTS Package : pypdf2 Version : 1.26.0-2+deb9u1 CVE ID : CVE-2022-24859 Debian Bug : 1009879 Sebastian Krause discovered that manipulated inline...

6.2CVSS6.3AI score0.01317EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/06/03 12:0 a.m.33 views

Debian DLA-3039-1 : pypdf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3039 advisory. Sebastian Krause discovered that manipulated inline images can force PyPDF2, a pure Python PDF library, into an infinite loop, if a maliciously crafted PDF file is processe...

6.2CVSS6AI score0.01317EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2022/04/22 8:54 p.m.5 views

addpage (=0.2.0), amazon-textract-helper (>=0.0.2 <=0.0.30) +88 more potentially affected by CVE-2022-24859 via pypdf2 (>=1.24.0 <=1.27.12)

pypdf2 PYPI version =1.24.0, =0.0.2, =0.0.1, =0.0.2, =0.0.1, =0.1.1, =0.1.1, =0.2.0, =0.1.0, =0.0.1, =1.1.0, =0.9.0, =1.0.0, =2.0.0 - dftimewolf =20200608.0.0a0 and more Source cves: CVE-2022-24859 Source advisory: OSV:GHSA-XCJX-M2PJ-8G79...

6.2CVSS6.3AI score0.01317EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2022/04/18 7:15 p.m.6 views

addpage (=0.2.0), amazon-textract-helper (>=0.0.2 <=0.0.30) +88 more potentially affected by CVE-2022-24859 via pypdf2 (>=1.24.0 <=1.27.12)

pypdf2 PYPI version =1.24.0, =0.0.2, =0.0.1, =0.0.2, =0.0.1, =0.1.1, =0.1.1, =0.2.0, =0.1.0, =0.0.1, =1.1.0, =0.9.0, =1.0.0, =2.0.0 - dftimewolf =20200608.0.0a0 and more Source cves: CVE-2022-24859 Source advisory: OSV:PYSEC-2022-194...

6.2CVSS6.3AI score0.01317EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2022/04/18 12:0 a.m.5 views

CVE-2022-24859 Manipulated inline images can cause Infinite Loop in PyPDF2

PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to get the content...

6.2CVSS6.3AI score0.01317EPSS
Exploits1References6
CVE
CVE
added 2022/04/18 12:0 a.m.173 views

CVE-2022-24859

CVE-2022-24859 affects PyPDF2 prior to 1.27.5. The issue is an infinite loop triggered when a malicious PDF is processed because the ContentStream._readInlineImage loop does not terminate unless it encounters an EI token, failing to detect end-of-stream. This can cause unbounded processing time d...

6.2CVSS5.4AI score0.01317EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder