49 matches found

OSV
added yesterday, 3 views

ROOT-APP-PYPI-CVE-2025-64512 CVE-2025-64512 in rootio-pdfminer.six - Patched by Root

Root has patched CVE-2025-64512 in the rootio-pdfminer.six package for Root:PyPI. Multiple fixed versions available...

8.6 CVSS, 5.4 AI score, 0.00143 EPSS
Exploits: 1

vulnersOsv
added 2026/03/27 7:56 p.m., 1 view

0lever-utils (>=0.0.2 <=0.0.7), 0x-web3 (=5.0.0a5) +6207 more potentially affected by CVE-2026-34073 via cryptography (>=0.6.1 <=46.0.5)

cryptography PYPI version =0.6.1, =0.0.2, =2.3.84, =0.1.0, =2.3.0, =0.1.0, =0.5.0rc5, =0.9.2, =0.4.24, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =0.1.9 and more Source cves: CVE-2026-34073 Source advisory: OSV:GHSA-M959-CC7F-WV43...

6.3 CVSS, 5.8 AI score, 0.00009 EPSS
Exploits: 0

NVD
added 2026/02/03 6:16 p.m., 4 views

CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...

6.5 CVSS, 0.00075 EPSS
Exploits: 0, References: 2

OSV
added 2026/02/03 6:16 p.m., 0 views

UBUNTU-CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...

6.5 CVSS, 6.3 AI score, 0.00075 EPSS
Exploits: 0, References: 5

Debian CVE
added 2026/02/03 12:0 a.m., 2 views

CVE-2025-70559

pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the applicati...

6.5 CVSS, 6.4 AI score, 0.00075 EPSS
Exploits: 0

Tenable Nessus
added 2026/02/03 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2025-70559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMa...

8.6 CVSS, 8 AI score, 0.00143 EPSS
Exploits: 1, References: 3

IBM Security Bulletins
added 2026/02/02 1:8 p.m., 7 views

Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate Developer Edition

Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate Developer Edition version 2.3.0 Vulnerability Details CVEID:CVE-2025-64512 DESCRIPTION: Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to...

8.7 CVSS, 5.9 AI score, 0.01019 EPSS
Exploits: 3, Affected Software: 1

OpenVAS
added 2026/01/12 12:0 a.m., 1 view

Fedora: Security Advisory (FEDORA-2026-4686d11563)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6 CVSS, 6.8 AI score, 0.00143 EPSS
Exploits: 1, References: 2

Fedora
added 2026/01/11 12:55 a.m., 6 views

[SECURITY] Fedora 42 Update: python-pdfminer-20240706-5.fc42

Pdfminer.six is a community maintained fork of the original PDFMiner. It is a tool for extracting information from PDF documents. It focuses on getting and analyzing text data. Pdfminer.six extracts the text from a page directly from the sourcecode of the PDF. It can also be used to get the exact...

8.6 CVSS, 6.7 AI score, 0.00143 EPSS
Exploits: 1

Tenable Nessus
added 2026/01/11 12:0 a.m., 2 views

Fedora 42 : python-pdfminer (2026-4686d11563)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4686d11563 advisory. Backport fix for CVE-2025-64512 / GHSA-wf5f-4jwr-ppcp Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

8.6 CVSS, 7.3 AI score, 0.00143 EPSS
Exploits: 1, References: 2

Debian
added 2026/01/08 8:7 p.m., 3 views

[SECURITY] [DLA 4374-2] pdfminer security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4374-2 [email protected] https://www.debian.org/lts/security/ Chris Lamb January 08, 2026 https://wiki.debian.org/LTS -...

8.6 CVSS, 7 AI score, 0.00143 EPSS
Exploits: 1

Tenable Nessus
added 2026/01/08 12:0 a.m., 1 view

Fedora 43 : python-pdfminer (2025-e77e051f0c)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-e77e051f0c advisory. Update to 20251230: security fix for CVE-2025-64512 https://github.com/pdfminer/pdfminer.six/blob/20251230/CHANGELOG.md Tenable has extracted the preceding...

8.6 CVSS, 7.3 AI score, 0.00143 EPSS
Exploits: 1, References: 2

OSV
added 2026/01/08 12:0 a.m., 2 views

DLA-4374-2 pdfminer - regression update

Bulletin has no description...

6.5 CVSS, 6.9 AI score, 0.00075 EPSS
Exploits: 0

OpenVAS
added 2026/01/08 12:0 a.m., 2 views

Fedora: Security Advisory (FEDORA-2025-e77e051f0c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6 CVSS, 6.5 AI score, 0.00143 EPSS
Exploits: 1, References: 6

Veracode
added 2025/12/13 7:49 a.m., 4 views

Remote Code Execution (RCE)

pdfminer.six is vulnerable to Remote Code Execution (RCE). The vulnerability is due to unsafe deserialization in the CMapDB.loaddata function, where pickle.loads processes attacker-controlled pickle.gz files referenced by a malicious PDF, allowing arbitrary code execution when the file is...

8.6 CVSS, 7.7 AI score, 0.00143 EPSS
Exploits: 1, References: 2, Affected Software: 1

OpenVAS
added 2025/11/26 12:0 a.m., 4 views

Debian: Security Advisory (DSA-6062-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6 CVSS, 6.5 AI score, 0.00143 EPSS
Exploits: 1, References: 2

Debian
added 2025/11/25 8:54 p.m., 3 views

[SECURITY] [DSA 6062-1] pdfminer security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6062-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 25, 2025 https://www.debian.org/security/faq -...

8.6 CVSS, 7.2 AI score, 0.00143 EPSS
Exploits: 1

Tenable Nessus
added 2025/11/25 12:0 a.m., 3 views

Debian dsa-6062 : pdfminer-data - security update

The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6062 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6062-1 [email protected] https://www.debian.org/security/...

8.6 CVSS, 7.4 AI score, 0.00143 EPSS
Exploits: 1, References: 5

OSV
added 2025/11/25 12:0 a.m., 1 view

DSA-6062-1 pdfminer - security update

Bulletin has no description...

8.6 CVSS, 6.9 AI score, 0.00143 EPSS
Exploits: 1

OpenVAS
added 2025/11/19 12:0 a.m., 5 views

Debian: Security Advisory (DLA-4374-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6 CVSS, 6.5 AI score, 0.00143 EPSS
Exploits: 1, References: 2