Sign In

GHSA-jj6c-8h6c-hppx

ADVISORY - github

Summary

Impact

An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large /Size values or object streams with wrong large /N values.

Patches

This has been fixed in pypdf==6.10.1.

Workarounds

If you cannot upgrade yet, consider applying the changes from PR #3733.

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-834

Excessive Iteration

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in