python311-PyPDF2-2.11.1-8.1 on GA media (moderate)

python311-PyPDF2-2.11.1-8.1 on GA media Announcement ID: openSUSE-SU-2026:10402-1 Rating: moderate Cross-References: CVE-2026-33123 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2026:20348-1 Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues: Changes in python-PyPDF2: - CVE-2026-28804: Denial of Service via crafted PDF with ASCIIHexDecode filter bsc1259404 - Update sources with osc run downloadfiles...

CVE-2026-31826

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. Thi...

python311-PyPDF2-2.11.1-5.1 on GA media (moderate)

python311-PyPDF2-2.11.1-5.1 on GA media Announcement ID: openSUSE-SU-2026:10284-1 Rating: moderate Cross-References: CVE-2026-27628 CVE-2026-27888 CVSS scores: CVE-2026-27888 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-27888 SUSE : 6.9...

CVE-2026-28351

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaroun...

EUVD-2026-8601

pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams...

01os (>=0.0.5 <=0.0.13), 3m (>=0.1.0 <=0.1.3) +2538 more potentially affected by CVE-2026-27628 via pypdf (>=3.10.0 <=6.7.1)

pypdf PYPI version =3.10.0, =0.0.5, =0.1.0, =0.0.1, =0.4.1, =0.3.6, =0.2.5, =0.0.2, =0.2.0, =1.2.27, =0.1.0, =0.6.0, =1.2.32, =2.0.2 and more Source cves: CVE-2026-27628 Source advisory: OSV:GHSA-2RW7-X74F-JG35...

UBUNTU-CVE-2026-27025

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.1, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes and large memory consumption. This requires parsing the /ToUnicode entry of a font with unusually large values, for example during text...

python311-pypdf-6.6.2-1.1 on GA media (moderate)

python311-pypdf-6.6.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10116-1 Rating: moderate Cross-References: CVE-2026-24688 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2026:10116-1 python311-pypdf-6.6.2-1.1 on GA media

These are all security issues fixed in the python311-pypdf-6.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

EUVD-2026-1691

pypdf has possible long runtimes for malformed startxref...

EUVD-2026-1692

pypdf has possible long runtimes for missing /Root object with large /Size values...

PT-2026-2245

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.6.0 Description pypdf is a pure-python PDF library. Versions prior to 6.6.0 are susceptible to long runtimes when processing malformed startxref entries within PDF files. An attacker can create a specially crafted PDF...

OPENSUSE-SU-2025:15776-1 python311-pypdf-6.4.0-1.1 on GA media

These are all security issues fixed in the python311-pypdf-6.4.0-1.1 package on the GA media of openSUSE Tumbleweed...

Astra Linux - уязвимость в pypdf2

pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if parsecontentstream is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request 969 and resolv...

EUVD-2025-35624

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3...

GHSA-VR63-X8VC-M265 pypdf possibly loops infinitely when reading DCT inline images without EOF marker

Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches This has been fixed in pypdf==6.1.3. Workarounds If you cannot upgrade yet, consider...

The vulnerability of Python libraries for working with PDF files, such as PyPDF and PyPDF2, relates to the execution of loops with an unreachable exit condition. This allows attackers to cause service failures.

The vulnerability of Python libraries for working with PDF files, such as PyPDF and PyPDF2, is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow an attacker to cause a service failure...

USN-6280-1 pypdf2 vulnerability

It was discovered that PyPDF2 incorrectly handled PDF files with certain markers. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to consume system resources, resulting in a denial of service...

PyPDF2 安全漏洞

PyPDF2 is a free open source pure python PDF library . Able to split, merge, crop and convert pages of a PDF file. PyPDF2 versions 2.2.0 to 3.8.1 has a security vulnerability , the vulnerability stems from the attacker may be able to create a PDF, if the implementation of parsecontentstream, will...