Lucene search
K

71 matches found

NVD
NVD
added 2026/06/22 9:16 p.m.8 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS0.00117EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 9:16 p.m.4 views

DEBIAN-CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

3.3CVSS5.8AI score0.00117EPSS
Exploits0References1
OSV
OSV
added 2026/06/22 9:16 p.m.4 views

UBUNTU-CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/22 8:28 p.m.23 views

CVE-2026-49460 pypdf: Inefficient decoding of FlateDecode PNG predictor streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS0.00117EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/22 8:28 p.m.6 views

CVE-2026-49460

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...

5.1CVSS5.8AI score0.00117EPSS
Exploits0
CVE
CVE
added 2026/06/22 8:28 p.m.16 views

CVE-2026-49460

CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...

5.1CVSS5.8AI score0.00117EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/16 1:46 p.m.7 views

pypdf: Inefficient decoding of FlateDecode PNG predictor streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. Patches This has been fixed in pypdf==6.12.2. Workarounds If you cannot upgrade yet, consider applying the changes...

5.1CVSS5.2AI score0.00117EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.8 views

PT-2026-49729

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.12.2 Description An attacker can craft a PDF file that results in long runtimes. This occurs when accessing a stream that utilizes the /FlateDecode filter with a PNG predictor. Recommendations Update to version 6.12.2...

5.1CVSS5.9AI score0.00117EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/12 6:29 p.m.14 views

EUVD-2026-32913

pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams...

5.1CVSS5.1AI score0.00124EPSS
Exploits0References5
OSV
OSV
added 2026/06/12 6:29 p.m.7 views

GHSA-248M-82V9-Q6G6 pypdf: Possible long runtimes for zero-only width values in cross-reference streamsuntimes for zero-only width values in cross-reference streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. Patches This has been fixed in pypdf==6.12.0. Workarounds If developers are unable to upgrade their apps immediately, the...

5.1CVSS5.2AI score0.00124EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/05/30 1:59 a.m.21 views

SUSE CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.23 views

Linux Distros Unpatched Vulnerability : CVE-2026-48156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
OSV
OSV
added 2026/05/28 4:16 p.m.8 views

UBUNTU-CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/28 2:50 p.m.12 views

CVE-2026-48156

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS5.8AI score0.00124EPSS
Exploits0
Cvelist
Cvelist
added 2026/05/28 2:50 p.m.32 views

CVE-2026-48156 pypdf: Possible long runtimes for zero-only width values in cross-reference streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W 0 0 0 values and large /Size values. This vulnerability is fixed in 6.12.0...

5.1CVSS0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.12 views

SUSE CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

6.9CVSS5.6AI score0.00297EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/04/24 1:28 a.m.5 views

SUSE CVE-2026-41313

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...

4.8CVSS5.6AI score0.00214EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/23 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to...

6.9CVSS5.8AI score0.00297EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 10:16 p.m.6 views

CVE-2026-41313

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...

6.5CVSS0.00214EPSS
Exploits0References4
NVD
NVD
added 2026/04/22 9:17 p.m.5 views

CVE-2026-41168

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values. This ha...

6.9CVSS0.00297EPSS
Exploits0References4
Rows per page
Query Builder