15 matches found
PT-2026-42033
Impact This is a significant Denial of Service DoS vulnerability. Any application that uses FPDI to process user-supplied PDF files is at risk. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion or a script time-out. Repeate...
EUVD-2025-23667
Malicious code in bioql PyPI...
EUVD-2024-47639
Malicious code in bioql PyPI...
CVE-2025-54869
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2025-54869
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2025-54869 FPDI is Vulnerable to Memory Exhaustion (OOM) through its PDF Parser
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2025-54869 FPDI is Vulnerable to Memory Exhaustion (OOM) through its PDF Parser
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2025-54869
CVE-2025-54869 affects FPDI (PHP) up to version 2.6.2. The vulnerability arises when processing user-supplied PDFs, causing server-side memory exhaustion and DoS; service availability can be degraded under repeated attacks. Remediation: upgrade to FPDI 2.6.3 or later. This summary reflects detail...
CVE-2025-54869 FPDI is Vulnerable to Memory Exhaustion (OOM) through its PDF Parser
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
CVE-2025-54869
FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. In versions 2.6.2 and below, any application that uses FPDI to process user-supplied PDF files is at risk, causing a Denial of Service DoS vulnerability. An attacker...
GHSA-JXHH-4648-VPP3 FPDI allows Memory Exhaustion (OOM) in PDF Parser which leads to Denial of Service
Impact This is a significant Denial of Service DoS vulnerability. Any application that uses FPDI to process user-supplied PDF files is at risk. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to...
FPDI allows Memory Exhaustion (OOM) in PDF Parser which leads to Denial of Service
Impact This is a significant Denial of Service DoS vulnerability. Any application that uses FPDI to process user-supplied PDF files is at risk. An attacker can upload a small, malicious PDF file that will cause the server-side script to crash due to memory exhaustion. Repeated attacks can lead to...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the PdfType::resolve which evaluates indirect and direct object references until a final value is reached. An attacker can cause memory exhaustion and crash the server by uploadin...
PT-2025-31943 · Fpdi +1 · Fpdi +1
Name of the Vulnerable Software and Affected Versions: FPDI versions 2.6.2 and below Description: FPDI is a collection of PHP classes that facilitate reading pages from existing PDF documents and using them as templates in FPDF. A malicious PDF file can cause a server-side script to crash due to...
CVE-2024-6567
The Ebook Store plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 5.8001. This is due to the plugin utilizing fpdi-protection and not preventing direct access to test files that have displayerrors set to true. This makes it possible for unauthenticat...