Lucene search
+L

44 matches found

nvd
nvd
added 2025/08/13 11:15 p.m.8 views

CVE-2025-55197

pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are...

8.7CVSS0.00437EPSS
Exploits0References5
cve
cve
added 2025/08/13 11:3 p.m.77 views

CVE-2025-55197

The CVE-2025-55197 issue affects pypdf prior to version 6.0.0, where a crafted PDF using a sequence of FlateDecode filters in a malicious cross-reference stream can exhaust RAM (DoS). Other content streams may be affected on explicit access. The vulnerability has been fixed in 6.0.0. A workaround...

8.7CVSS7.2AI score0.00437EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2025/08/13 11:3 p.m.15 views

CVE-2025-55197 pypdf's Manipulated FlateDecode streams can exhaust RAM

pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are...

8.7CVSS0.00437EPSS
Exploits0References5
redhat
redhat
added 2006/01/19 5:38 p.m.6 views

security flaw

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service crash via a crafted FlateDecode stream that triggers a null dereference...

5CVSS7.3AI score0.0341EPSS
Exploits1References4
Rows per page
Query Builder