52 matches found
CVE-2026-59935
A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...
CVE-2026-59936
A flaw was found in pypdf, a pure-Python PDF library. A remote attacker can craft a malicious PDF document containing an unterminated inline image within its page content stream. When a user processes this crafted PDF, such as during text extraction, the vulnerability causes an infinite loop,...
Linux Distros Unpatched Vulnerability : CVE-2026-59936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated...
CVE-2026-59935
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...
CVE-2026-59936
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...
CVE-2026-59936 pypdf: Possible infinite loop for not terminated inline images
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...
CVE-2026-59936
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...
CVE-2026-59935 pypdf: Possible infinite loop for not terminated inline images (ASCII85 and ASCIIHex filter)
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...
CVE-2026-59935
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...
PT-2026-56546
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.2 Description An attacker can craft a PDF file with a page content stream containing an unterminated inline image that utilizes ASCII85 or ASCIIHex filters. This leads to an infinite loop during the parsing process...
PT-2026-56547
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.1 Description An attacker can craft a PDF file with a page content stream containing an unterminated inline image. This leads to an infinite loop during the detection of the inline image end marker, which can occur...
PT-2026-46098
Impact In versions = 2.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible: - reject file: and data: image references from untrusted input - allow only approved local or remote image sources - apply input size and memory limits to processing workers References - Fix release: v2.74....
ROS-20260417-73-0020
A vulnerability in the ContentStream.readInlineImage function of the PyPDF2 PDF processing library is related to incorrect implementation of the loop exit condition. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted PDF fil...
CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
DEBIAN-CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
UBUNTU-CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
CVE-2025-62707
CVE-2025-62707 affects the pypdf Python PDF library. Before version 6.1.3, parsing the content stream of a page that contains an inline image using the DCTDecode filter can lead to an infinite loop. IBM and linked advisories note this vulnerability is fixed in pypdf 6.1.3; remediation includes up...
CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...