CVE-2026-59936
- EPSS 0.3%
- Veröffentlicht 08.07.2026 19:34:22
- Zuletzt bearbeitet 09.07.2026 20:41:41
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when ...
CVE-2026-59935
- EPSS 0.33%
- Veröffentlicht 08.07.2026 19:34:15
- Zuletzt bearbeitet 09.07.2026 20:42:14
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsi...
CVE-2026-59937
- EPSS 0.3%
- Veröffentlicht 08.07.2026 17:25:34
- Zuletzt bearbeitet 09.07.2026 20:39:31
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue ...
CVE-2026-59938
- EPSS 0.33%
- Veröffentlicht 08.07.2026 17:24:29
- Zuletzt bearbeitet 09.07.2026 20:41:11
pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue i...
CVE-2026-57204
- EPSS 0.21%
- Veröffentlicht 30.06.2026 21:59:46
- Zuletzt bearbeitet 06.07.2026 16:21:07
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.3, a maliciously crafted PDF can cause DoS. An attacker who uses this vulnerability can craft a PDF which leads to large memory usage, as MAX_DECLARED_STREAM_LENGTH is sometimes i...
CVE-2026-54651
- EPSS 0.11%
- Veröffentlicht 22.06.2026 20:28:28
- Zuletzt bearbeitet 24.06.2026 16:41:34
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.1, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer. This vulnerability is...
CVE-2026-49460
- EPSS 0.12%
- Veröffentlicht 22.06.2026 20:28:16
- Zuletzt bearbeitet 25.06.2026 16:51:17
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. ...
CVE-2026-49461
- EPSS 0.12%
- Veröffentlicht 22.06.2026 20:27:16
- Zuletzt bearbeitet 25.06.2026 16:48:15
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting the text of a page which contains a form XObject with self-r...
CVE-2026-54531
- EPSS 0.12%
- Veröffentlicht 22.06.2026 20:26:19
- Zuletzt bearbeitet 25.06.2026 16:46:14
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed i...
CVE-2026-54530
- EPSS 0.12%
- Veröffentlicht 22.06.2026 20:25:29
- Zuletzt bearbeitet 25.06.2026 16:47:28
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...