9 matches found
Updated python-pypdf2 packages fix security vulnerability
It was discovered that python-pypdf2 contained a vulnerability whereby an attacker can craft a PDF which leads to unexpected long runtime. CVE-2023-36810...
MGASA-2023-0254 Updated python-pypdf2 packages fix security vulnerability
It was discovered that python-pypdf2 contained a vulnerability whereby an attacker can craft a PDF which leads to unexpected long runtime. CVE-2023-36810...
Mageia: Security Advisory (MGASA-2023-0254)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-6280-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : PyPDF2 vulnerability (USN-6280-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6280-1 advisory. It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked...
Debian dla-3497 : python-pypdf2 - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3497 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3497-1 [email protected] https://www.debian.org/lts/security/...
addpage (=0.2.0), amazon-textract-helper (>=0.0.2 <=0.0.30) +89 more potentially affected by CVE-2023-36810 via pypdf2 (>=1.24.0 <=1.27.5)
pypdf2 PYPI version =1.24.0, =0.0.2, =0.0.1, =0.0.2, =0.0.1, =0.1.1, =0.1.1, =0.2.0, =0.1.0, =0.0.1, =1.1.0, =0.9.0, =1.0.0, =2.0.0 - dftimewolf =20200608.0.0a0 and more Source cves: CVE-2023-36810 Source advisory: OSV:GHSA-JRM6-H9CQ-8GQW...
CVE-2023-36810
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of t...
CVE-2023-36810
CVE-2023-36810 affects the Python PDF library pypdf/pypdf2 . The issue is a quadratic runtime caused by processing certain malformed PDFs, which can cause the process to run indefinitely on a single CPU core (no memory impact stated). The vulnerability has been fixed in the project via PR 808, an...