openSUSE-SU-2026:20430-1

Опубликовано: 25 мар. 2026

Источник: suse-cvrf

Описание

Security update for python-PyPDF2

This update for python-PyPDF2 fixes the following issues:

Changes in python-PyPDF2:

CVE-2026-33123: Fixed excessive resource consumption when processing specially crafted PDF due to inefficient decoding of array-based streams (bsc#1259992)

Список пакетов

openSUSE Leap 16.0

python313-PyPDF2-2.11.1-bp160.5.1

Ссылки

https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1259992
SUSE Bug 1259992
https://www.suse.com/security/cve/CVE-2026-33123/
SUSE CVE CVE-2026-33123 page

Описание

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1.

Затронутые продукты

openSUSE Leap 16.0:python313-PyPDF2-2.11.1-bp160.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-33123.html
CVE-2026-33123
https://bugzilla.suse.com/1259992
SUSE Bug 1259992

openSUSE-SU-2026:20430-1

Описание

Список пакетов

openSUSE Leap 16.0

Ссылки

Уязвимость: CVE-2026-33123

Описание

Затронутые продукты

Ссылки