CVE-2026-33123

ADVISORY - github

Summary

Impact

An attacker who uses this vulnerability can craft a PDF which leads to long runtimes and/or large memory usage. This requires accessing an array-based stream with lots of entries.

Patches

This has been fixed in pypdf==6.9.1.

Workarounds

If you cannot upgrade yet, consider applying the changes from PR #3686.

EPSS Score: 0.00349 (0.270)

Common Weakness Enumeration (CWE)

ADVISORY - nist

Uncontrolled Resource Consumption

Inefficient Algorithmic Complexity

ADVISORY - github

Uncontrolled Resource Consumption

Inefficient Algorithmic Complexity

ADVISORY - redhat

Allocation of Resources Without Limits or Throttling


Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in