openSUSE-SU-2026:20375-1

Опубликовано: 17 мар. 2026

Источник: suse-cvrf

Описание

Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues:

Changes in python-PyPDF2:

CVE-2025-31826: Fixed denial of service due to excessive memory consumption via crafted PDF (bsc#1259508).

Список пакетов

openSUSE Leap 16.0

python313-PyPDF2-2.11.1-bp160.4.1

Ссылки

https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1259508
SUSE Bug 1259508
https://www.suse.com/security/cve/CVE-2026-31826/
SUSE CVE CVE-2026-31826 page

Описание

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.

Затронутые продукты

openSUSE Leap 16.0:python313-PyPDF2-2.11.1-bp160.4.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-31826.html
CVE-2026-31826
https://bugzilla.suse.com/1259508
SUSE Bug 1259508

openSUSE-SU-2026:20375-1

Описание

Список пакетов

openSUSE Leap 16.0

Ссылки

Уязвимость: CVE-2026-31826

Описание

Затронутые продукты

Ссылки