Homepage

pypdf@1.11 vulnerabilities

A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files

  • latest version

    5.3.1

  • latest non vulnerable version

    5.3.1

  • first published

    10 years ago

  • latest version published

    8 days ago

  • licenses detected

  • View pypdf package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the pypdf package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Denial of Service (DoS)

    pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files

    Affected versions of this package are vulnerable to Denial of Service (DoS). An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if __parse_content_stream is executed. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage.

    How to fix Denial of Service (DoS)?

    Upgrade pypdf to version 3.9.0 or higher.

    [,3.9.0)
    Go back to all versions of this package