pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams

Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. Patches This has been fixed in pypdf==6.7.5. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3666...

OSV-2025-512 Invalid-free in pdf_decodestream

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=428754704 Crash type: Invalid-free Crash state: pdfdecodestream pdfextractobj clipdf...

Fedora: Security Advisory for golang-github-francoispqt-gojay (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-francoispqt-gojay-1.2.13-7.fc36

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

[SECURITY] Fedora 36 Update: golang-github-francoispqt-gojay-1.2.13-6.fc36

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

[SECURITY] Fedora 34 Update: golang-github-francoispqt-gojay-1.2.13-6.fc34

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

[SECURITY] Fedora 35 Update: golang-github-francoispqt-gojay-1.2.13-6.fc35

GoJay is a performant JSON encoder/decoder for Golang currently the most performant, see benchmarks. It has a simple API and doesn't use reflection. It relies on small interfaces to decode/encode structures and slices. Gojay also comes with powerful stream decoding features and an even faster...

ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-080 June 6, 2012 - -- CVE ID: CVE-2012-0754 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

Novell client fro Windows buffer overflow

Buffer overflow in DPRPC library on XDR stream decoding...