Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Mageia 8, 9 MGASA-2023-0254 Critical: Python-Pypdf2 Runtime Threat

mageia
Calendar Grey September 11, 2023
Dist Mageia Esm H88
Recent enhancements to the python-pypdf2 libraries address a runtime vulnerability impacting Mageia versions 8 and 9 following its identification.
It was discovered that python-pypdf2 contained a vulnerability whereby an attacker can craft a PDF which leads to unexpected long runtime

Summary

It was discovered that python-pypdf2 contained a vulnerability whereby an attacker can craft a PDF which leads to unexpected long runtime. (CVE-2023-36810).

References

- https://bugs.mageia.org/show_bug.cgi?id=32115

- https://lists.debian.org/debian-lts-announce/2023/07/msg00019.html

- https://www.cve.org/CVERecord?id=CVE-2023-36810

Resolution

SRPMS

- 9/core/python-pypdf2-1.27.9-1.mga9

- 8/core/python-pypdf2-1.27.9-1.mga8

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 11 Sep 2023
URL: https://advisories.mageia.org/MGASA-2023-0254.html
Type: security
CVE: CVE-2023-36810

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here