CVE-2025-70559

{"id": "CVE-2025-70559", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2026-02-03T18:16:17.783", "references": [{"url": "https://github.com/advisories/GHSA-f83h-ghpp-7wcc", "source": "cve@mitre.org"}, {"url": "https://github.com/pdfminer/pdfminer.six/security/advisories/GHSA-f83h-ghpp-7wcc", "source": "cve@mitre.org"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "pdfminer.six before 20251230 contains an insecure deserialization vulnerability in the CMap loading mechanism. The library uses Python pickle to deserialize CMap cache files without validation. An attacker with the ability to place a malicious pickle file in a location accessible to the application can trigger arbitrary code execution or privilege escalation when the file is loaded by a trusted process. This is caused by an incomplete patch to CVE-2025-64512."}, {"lang": "es", "value": "pdfminer.six antes de 20251230 contiene una vulnerabilidad de deserializaci\u00f3n insegura en el mecanismo de carga de CMap. La librer\u00eda utiliza Python pickle para deserializar archivos de cach\u00e9 de CMap sin validaci\u00f3n. Un atacante con la capacidad de colocar un archivo pickle malicioso en una ubicaci\u00f3n accesible para la aplicaci\u00f3n puede desencadenar ejecuci\u00f3n de c\u00f3digo arbitrario o escalada de privilegios cuando el archivo es cargado por un proceso de confianza. Esto es causado por un parche incompleto para CVE-2025-64512."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "cve@mitre.org"}