[Git][security-tracker-team/security-tracker][master] Add Debian bug references for pypdf issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Apr 23 21:34:47 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b4206d8f by Salvatore Bonaccorso at 2026-04-23T22:34:24+02:00
Add Debian bug references for pypdf issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -206,19 +206,19 @@ CVE-2026-41455 (WeKan before8.35 contains a server-side request forgery vulnerab
CVE-2026-41454 (WeKan before8.35 contains a missing authorization vulnerability in the ...)
- wekan <itp> (bug #819238)
CVE-2026-41314 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
- - pypdf <unfixed>
+ - pypdf <unfixed> (bug #1134738)
- pypdf2 <removed>
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-x284-j5p8-9c5p
NOTE: https://github.com/py-pdf/pypdf/pull/3734
NOTE: Fixed by: https://github.com/py-pdf/pypdf/commit/ac734dab4eef92bcce50d503949b4d9887d89f11 (6.10.2)
CVE-2026-41313 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
- - pypdf <unfixed>
+ - pypdf <unfixed> (bug #1134737)
- pypdf2 <removed>
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-4pxv-j86v-mhcw
NOTE: https://github.com/py-pdf/pypdf/pull/3735
NOTE: Fixed by: https://github.com/py-pdf/pypdf/commit/c50a0104cf083356f7c7f5d61410466a57f5c88a (6.10.2)
CVE-2026-41312 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
- - pypdf <unfixed>
+ - pypdf <unfixed> (bug #1134736)
- pypdf2 <removed>
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-7gw9-cf7v-778f
NOTE: https://github.com/py-pdf/pypdf/pull/3734
@@ -275,7 +275,7 @@ CVE-2026-41171 (Squidex is an open source headless content management system and
CVE-2026-41170 (Squidex is an open source headless content management system and conte ...)
NOT-FOR-US: Squidex
CVE-2026-41168 (pypdf is a free and open-source pure-python PDF library. An attacker w ...)
- - pypdf <unfixed>
+ - pypdf <unfixed> (bug #1134733)
- pypdf2 <removed>
NOTE: https://github.com/py-pdf/pypdf/security/advisories/GHSA-jj6c-8h6c-hppx
NOTE: https://github.com/py-pdf/pypdf/pull/3733
@@ -3535,7 +3535,7 @@ CVE-2026-40263 (Note Mark is an open-source note-taking application. In versions
CVE-2026-40262 (Note Mark is an open-source note-taking application. In versions 0.19. ...)
NOT-FOR-US: Note Mark
CVE-2026-40260 (pypdf is a free and open-source pure-python PDF library. In versions p ...)
- - pypdf <unfixed>
+ - pypdf <unfixed> (bug #1134731)
[trixie] - pypdf <no-dsa> (Minor issue)
[bookworm] - pypdf <no-dsa> (Minor issue)
- pypdf2 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4206d8fcf09117b5548c1400939d3562aa19577
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4206d8fcf09117b5548c1400939d3562aa19577
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260423/bbcbb3b2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list