ragflow/utils at 08f83ff3313344d45f57d3d2c20bbf7316f7dd79 - ragflow - Gitea: Git with a cup of tea

youngkingdom/ragflow

mirror of https://github.com/infiniflow/ragflow.git synced 2026-03-11 02:07:57 +08:00

Files

History

guptas6est 32d31284cc Fix: upgrade pypdf to 6.7.5 and migrate from deprecated pypdf2 to fix CVE-2026-28804 and CVE-2023-36464 (#13454 )

### What problem does this PR solve?

This PR addresses security vulnerabilities in PDF processing
dependencies identified by Trivy security scan:

1. CVE-2026-28804 (MEDIUM): pypdf 6.7.4 vulnerable to inefficient
decoding of ASCIIHexDecode streams
2. CVE-2023-36464 (MEDIUM): pypdf2 3.0.1 susceptible to infinite loop
when parsing malformed comments

Since pypdf2 is deprecated with no available fixes, this PR migrates all
pypdf2 usage to the actively maintained pypdf library (version 6.7.5),
which resolves
both vulnerabilities.


### Type of change

- [x] Bug Fix (non-breaking change which fixes an issue)

2026-03-09 12:06:00 +08:00

..

__init__.py

Move token related functions to common (#10942 )

2025-11-03 08:50:05 +08:00

azure_sas_conn.py

Move api.settings to common.settings (#11036 )

2025-11-06 09:36:38 +08:00

azure_spn_conn.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00

base64_image.py

Fix: close detached PIL image on JPEG save failure in encode_image (#13278 )

2026-02-28 14:43:35 +08:00

encrypted_storage.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00

es_conn.py

Fix: add soft limit for graph rag size (#13252 )

2026-03-02 14:02:36 +08:00

file_utils.py

Fix: upgrade pypdf to 6.7.5 and migrate from deprecated pypdf2 to fix CVE-2026-28804 and CVE-2023-36464 (#13454 )

2026-03-09 12:06:00 +08:00

gcs_conn.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00

infinity_conn.py

Fix issue #13084 (#13088 )

2026-02-10 17:04:45 +08:00

lazy_image.py

refactor(word): lazy-load DOCX images to reduce peak memory without changing output (#13233 )

2026-02-28 11:22:31 +08:00

minio_conn.py

fix(api): MinIO health check use dynamic scheme and verify (Closes #13159 and #13158 ) (#13197 )

2026-02-25 09:47:12 +08:00

ob_conn.py

fix: add missing chunk_data column to OceanBase schema migration (#13306 )

2026-03-02 13:25:11 +08:00

opendal_conn.py

fix: keep password in opendal config to fix connection initialization (#12529 )

2026-01-09 14:19:32 +08:00

opensearch_conn.py

fix: close file handles when loading JSON mapping in doc store connectors (#12904 )

2026-01-30 14:07:51 +08:00

oss_conn.py

Fix: Alibaba cloud OSS config issue (#13406 )

2026-03-05 18:13:45 +08:00

raptor_utils.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00

redis_conn.py

Supports login cross multiple RAGFlow servers (#13322 )

2026-03-04 13:07:45 +08:00

s3_conn.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00

storage_factory.py

Move api.settings to common.settings (#11036 )

2025-11-06 09:36:38 +08:00

tavily_conn.py

Fix IDE warnings (#12281 )

2025-12-29 12:01:18 +08:00