pypdf 安全漏洞

pypdf is an open-source, free, and pure Python PDF library developed by py-pdf. It allows for splitting, merging, cropping, and converting pages of PDF files. Prior to version 6.10.2, pypdf had a security vulnerability. This vulnerability occurred when processing streams that used FlateDecode...

Memory Allocation with Excessive Size Value

Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the FlateDecode method when handling streams with a /Predictor value not equal to ...

CVE-2025-13466

The CVE-2025-13466 entry corresponds to a DoS vulnerability in body-parser 2.2.0 caused by inefficient handling of URL-encoded bodies with a large number of parameters, which can exhaust CPU and memory within the default 100 KB request size limit and lead to service slowdown or outages. A fix is ...

Denial of Service via Unbounded parameter values

Description The /api/memories endpoint in the LibreChat application is found to be accepting arbitrarily large values for the key and value parameters. These inputs are not being properly validated or restricted in terms of maximum allowed character length. When an input containing more than 100...

CVE-2023-5678 Excessive time spent in DH check / generation with large Q parameter value

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DHgeneratekey to generate an X9.42 DH key may experience long delays. Likewise, applications that use...

USN-6435-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial of service. CVE-2023-3446 Bernd Edlinger discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker...

UBUNTU-CVE-2020-36475

An issue was discovered in Mbed TLS before 2.25.0 and before 2.16.9 LTS and before 2.7.18 LTS. The calculations performed by mbedtlsmpiexpmod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs...

DEBIAN-CVE-2015-3225

lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service SystemStackError via a request with a large parameter depth...

CVE-2006-5098

lib/exec/fetch.php in DokuWiki before 2006-03-09e allows remote attackers to cause a denial of service CPU consumption via large w and h parameters, when resizing an image...

WFTPD Server GUI 3.21 - Remote Denial of Service

WFTPD Server GUI 3.21 - Remote Denial of Service source: https://www.securityfocus.com/bid/9908/info WFTPD server front end GUI has been reported to be prone to a denial of service. The issue is reported to present itself if a user who is logged into the affected service issues an FTP request wit...