312 matches found
Malicious Package
Overview nicegui is a malicious package. This package contains malicious code designed to steal sensitive credentials and establish remote access. While these packages might attempt to impersonate legitimate organizations and popular open-source libraries, there is no connection between those...
CLSA-2026-1777546646 gdk-pixbuf2: Fix of CVE-2026-5201
CVE-2026-5201: jpeg loader rejects unsupported component counts in the non-incremental code path...
GHSA-H8MM-C463-WJQ3 CoreDNS' transfer stanza selection uses lexicographic compare (subzone ACL bypass)
Summary CoreDNS' transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. A permissive parent-zone transfer rule can override a restrictive subzone rule name-dependent, allowing an unauthorized client to perform AXFR/IXFR for the subzone...
CVE-2026-41313
A flaw was found in pypdf. An attacker can craft a malicious PDF file with a large trailer /Size value. When this PDF is loaded in incremental mode, it can lead to excessively long processing times, resulting in a Denial of Service DoS for the application or system processing the file. Mitigation...
SUSE CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
DEBIAN-CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-41313
CVE-2026-41313 affects the open-source Python PDF library pypdf (prior to 6.10.2). An attacker can craft a PDF with a large trailer /Size value loaded in incremental mode, causing long runtimes. The issue is fixed in pypdf 6.10.2; as a workaround, patches can be applied manually. The CVSS-derived...
CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-41313 pypdf: Possible long runtimes for wrong size values in incremental mode
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-41313 pypdf: Possible long runtimes for wrong size values in incremental mode
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
pypdf 安全漏洞
pypdf is an open-source, free, and pure Python PDF library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages of PDF files. Prior to version 6.10.2, pypdf had a security vulnerability that could lead to prolonged execution when loading PDF files with large...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007036)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007036 advisory. In the Linux kernel, the following vulnerability has been resolved: libceph: replace overzealous BUGON in osdmapapplyincremental If the osdmap is maliciously corrupt...
GHSA-WF66-MPHR-4C4R Apache Kafka exposes sensitive information in its DEBUG logs
Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...
CVE-2026-33558
Information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component will output entire requests and responses information in the DEBUG log level in the logs. By default, the log level is set to INFO level. If the DEBUG level is enabled, the sensitive information wi...
CVE-2026-33558
CVE-2026-33558 affects Apache Kafka: the NetworkClient logs sensitive information at DEBUG level, exposing full requests/responses for certain APIs (AlterConfigsRequest, AlterUserScramCredentialsRequest, ExpireDelegationTokenRequest, IncrementalAlterConfigsRequest, RenewDelegationTokenRequest, Sa...
Excessive Iteration
Overview PyPDF2 is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Excessive Iteration in the incremental mode for PDF processing. An attacker can cause excessive resource consumption and...
pypdf: Possible long runtimes for wrong size values in incremental mode
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. Patches This has been fixed in pypdf==6.10.2. Workarounds If you cannot upgrade yet, consider applying the changes from PR...
GHSA-4PXV-J86V-MHCW pypdf: Possible long runtimes for wrong size values in incremental mode
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. Patches This has been fixed in pypdf==6.10.2. Workarounds If you cannot upgrade yet, consider applying the changes from PR...