漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
pypdf has possible long runtimes for wrong size values in cross-reference and object streams
Vulnerability Description
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one may apply the changes from the patch manually.
CVSS Information
N/A
Vulnerability Type
过度迭代
Vulnerability Title
pypdf 安全漏洞
Vulnerability Description
pypdf是py-pdf开源的一个免费开源的纯 python PDF 库。能够拆分、合并、裁剪和转换 PDF 文件的页面。 pypdf 6.10.1之前版本存在安全漏洞,该漏洞源于攻击者可制作具有错误大Size值的交叉引用流或错误大N值的对象流的PDF,可能导致长时间运行。
CVSS Information
N/A
Vulnerability Type
N/A