GHSA-4pxv-j86v-mhcw

ADVISORY - github

Summary

Impact

An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode.

Patches

This has been fixed in pypdf==6.10.2.

Workarounds

If you cannot upgrade yet, consider applying the changes from PR #3735.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-834⁠

Excessive Iteration

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.