40 matches found
PT-2026-46098
Impact In versions = 2.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible: - reject file: and data: image references from untrusted input - allow only approved local or remote image sources - apply input size and memory limits to processing workers References - Fix release: v2.74....
ROS-20260417-73-0020
A vulnerability in the ContentStream.readInlineImage function of the PyPDF2 PDF processing library is related to incorrect implementation of the loop exit condition. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted PDF fil...
CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
DEBIAN-CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
UBUNTU-CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
CVE-2025-62707
CVE-2025-62707 affects the pypdf Python PDF library. Before version 6.1.3, parsing the content stream of a page that contains an inline image using the DCTDecode filter can lead to an infinite loop. IBM and linked advisories note this vulnerability is fixed in pypdf 6.1.3; remediation includes up...
CVE-2025-62707
pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...
GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...
pypdf security vulnerability
pypdf is a free and open-source pure-Python PDF library from py-pdf, able to split, merge, crop and convert pages of PDF files. A security vulnerability exists in pypdf versions prior to 6.1.3, which stems from parsing the content stream of a page with an inline image using the DCTDecode filter,...
PT-2025-43413
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.1.3 Description A crafted PDF file can cause an infinite loop when parsed, specifically when processing the content stream of a page containing an inline image utilizing the DCTDecode filter. This issue requires parsi...
EUVD-2023-56368
Malicious code in bioql PyPI...
CVE-2023-51668
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress. This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18...
CVE-2021-23932
OX App Suite through 7.10.4 allows XSS via an inline image with a crafted filename...
WordPress plugin Inline Image Upload for BBPress code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists in...
WordPress Inline Image Upload for BBPress plugin <= 1.1.19 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated (Subscriber+) Arbitrary File Upload vulnerability discovered by yudha in WordPress Plugin Inline Image Upload for BBPress versions <= 1.1.19...
CVE-2023-51668
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress. This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18...
CVE-2023-51668
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress. This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18...
Cross-site request forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in WP Zone Inline Image Upload for BBPress. This issue affects Inline Image Upload for BBPress: from n/a through 1.1.18...
CVE-2023-51668
Technical details are not publicly provided in the connected documents. The initial entry notes a CSRF vulnerability in WP Zone Inline Image Upload for BBPress (affecting up to 1.1.18); no further specifics are included here. Monitor for updates.