Lucene search
+L

52 matches found

RedhatCVE
RedhatCVE
added 6 days ago7 views

CVE-2026-59935

A flaw was found in pypdf, a pure-python PDF library. A remote attacker can craft a malicious PDF file containing an unterminated inline image within the page content stream. When this crafted PDF is parsed, it can lead to an infinite loop, resulting in a denial of service DoS due to resource...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added last week6 views

CVE-2026-59936

A flaw was found in pypdf, a pure-Python PDF library. A remote attacker can craft a malicious PDF document containing an unterminated inline image within its page content stream. When a user processes this crafted PDF, such as during text extraction, the vulnerability causes an infinite loop,...

8.7CVSS5.9AI score0.00345EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/07/09 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-59936

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated...

8.7CVSS6.1AI score0.00345EPSS
Exploits0References3
NVD
NVD
added 2026/07/08 8:16 p.m.5 views

CVE-2026-59935

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...

8.7CVSS0.00352EPSS
Exploits0References4
NVD
NVD
added 2026/07/08 8:16 p.m.6 views

CVE-2026-59936

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS0.00345EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/07/08 7:34 p.m.32 views

CVE-2026-59936 pypdf: Possible infinite loop for not terminated inline images

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS0.00345EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/07/08 7:34 p.m.5 views

CVE-2026-59936

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in...

8.7CVSS6AI score0.00345EPSS
Exploits0
OSV
OSV
added 2026/07/08 7:34 p.m.2 views

CVE-2026-59935 pypdf: Possible infinite loop for not terminated inline images (ASCII85 and ASCIIHex filter)

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...

8.7CVSS6.1AI score0.00352EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/07/08 7:34 p.m.6 views

CVE-2026-59935

pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issu...

8.7CVSS6AI score0.00352EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56546

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.2 Description An attacker can craft a PDF file with a page content stream containing an unterminated inline image that utilizes ASCII85 or ASCIIHex filters. This leads to an infinite loop during the parsing process...

8.7CVSS6AI score0.00352EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.5 views

PT-2026-56547

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.14.1 Description An attacker can craft a PDF file with a page content stream containing an unterminated inline image. This leads to an infinite loop during the detection of the inline image end marker, which can occur...

8.7CVSS6AI score0.00345EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/03 12:0 a.m.13 views

PT-2026-46098

Impact In versions = 2.5.0, = 2.74.1 Workarounds If upgrading is not immediately possible: - reject file: and data: image references from untrusted input - allow only approved local or remote image sources - apply input size and memory limits to processing workers References - Fix release: v2.74....

8.1CVSS5.8AI score
Exploits0References4
Redos
Redos
added 2026/04/17 12:0 a.m.6 views

ROS-20260417-73-0020

A vulnerability in the ContentStream.readInlineImage function of the PyPDF2 PDF processing library is related to incorrect implementation of the loop exit condition. Exploitation of the vulnerability allows an attacker acting remotely to cause a denial of service using a specially crafted PDF fil...

6.2CVSS6.3AI score0.01317EPSS
Exploits1
NVD
NVD
added 2025/10/22 10:15 p.m.40 views

CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

8.7CVSS0.00402EPSS
Exploits0References4
OSV
OSV
added 2025/10/22 10:15 p.m.3 views

DEBIAN-CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

7.5CVSS5.3AI score0.00402EPSS
Exploits0References1
OSV
OSV
added 2025/10/22 10:15 p.m.7 views

UBUNTU-CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

8.7CVSS7AI score0.00402EPSS
Exploits0References6
CVE
CVE
added 2025/10/22 9:36 p.m.52 views

CVE-2025-62707

CVE-2025-62707 affects the pypdf Python PDF library. Before version 6.1.3, parsing the content stream of a page that contains an inline image using the DCTDecode filter can lead to an infinite loop. IBM and linked advisories note this vulnerability is fixed in pypdf 6.1.3; remediation includes up...

8.7CVSS6.5AI score0.00402EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/22 9:36 p.m.3 views

CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

8.7CVSS6.5AI score0.00402EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2025/10/22 9:36 p.m.70 views

CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

8.7CVSS5.3AI score0.00402EPSS
Exploits0
OSV
OSV
added 2025/10/22 7:40 p.m.5 views

GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...

8.7CVSS6.8AI score0.00402EPSS
Exploits0References6
Rows per page
Query Builder