8 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-49460
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes...
DEBIAN-CVE-2026-49460
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...
CVE-2026-49460
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...
CVE-2026-49460
CVE-2026-49460 affects the Python PDF library pypdf . Prior to version 6.12.2 , processing a PDF that uses a stream with the /FlateDecode filter and a PNG predictor can cause unusually long runtimes. The issue is fixed in 6.12.2 . Impact, in line with the sources, is a denial of service-like slow...
CVE-2026-49461 pypdf: Possible large memory usage for form XObjects during text extraction
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-references. This vulnerability is fixed in 6.12....
Allocation of Resources Without Limits or Throttling
Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the text extraction when handling form XObjects with self-references. An...
pypdf: Inefficient decoding of FlateDecode PNG predictor streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. Patches This has been fixed in pypdf==6.12.2. Workarounds If you cannot upgrade yet, consider applying the changes...
Hewlett Packard Enterprise ClearPass Policy Manager 安全漏洞
Hewlett Packard Enterprise ClearPass Policy Manager is a wireless network security access management system from Hewlett Packard Enterprise. A security vulnerability in Hewlett Packard Enterprise ClearPass Policy Manager version 6.11.x prior to 6.11.9 and version 6.12.x prior to 6.12.2 stems from...