Infinite loop Affecting pypdf2 package, versions [2.10.5,2.10.6)
- Snyk ID SNYK-PYTHON-PYPDF2-5750299
- published 2 Jul 2023
- disclosed 30 Jun 2023
- credit MartinThoma
Introduced: 30 Jun 2023
CVE-2023-36807
How to fix?
Upgrade PyPDF2 to version 2.10.6 or higher.
Overview
PyPDF2 is a pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files.
Affected versions of this package are vulnerable to an infinite loop when reading malformed objects. The vulnerability can be exploited by sending a crafted PDF; the result is that the current process is blocked and a single CPU core can be driven to 100% utilization.
Workarounds
If you cannot update your version of PyPDF2 (preferably to pypdf>3.1.0, as PyPDF2 is deprecated), you should modify PyPDF2/generic/_data_structures.py::read_object.
Replace:
    else:
        # number object OR indirect reference
        peek = stream.read(20)
        stream.seek(-len(peek), 1)  # reset to start
        if IndirectPattern.match(peek) is not None:
            return IndirectObject.read_from_stream(stream, pdf)
        else:
            return NumberObject.read_from_stream(stream)
by
    elif tok in b"0123456789+-.":
        # number object OR indirect reference
        peek = stream.read(20)
        stream.seek(-len(peek), 1)  # reset to start
        if IndirectPattern.match(peek) is not None:
            return IndirectObject.read_from_stream(stream, pdf)
        else:
            return NumberObject.read_from_stream(stream)
    else:
        raise PdfReadError(
            f"Invalid Elementary Object starting with {tok} @{stream.tell()}"
        )
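
The effect of that change on a parsing loop, shown as an added example on a toy grammar (this is not PyPDF2's code). All names here are hypothetical. The model assumes the stall comes from a catch-all number branch that consumes no bytes, and a step cap stands in for the unbounded loop so the script terminates.

```python
import io
import re

NUMBER = re.compile(rb"[0-9+\-.]+")
NAME = re.compile(rb"/[A-Za-z0-9]*")

class ParseError(Exception):
    """Stand-in for PyPDF2's PdfReadError."""

class Stalled(Exception):
    """Raised by the step cap; without the cap the loop would never end."""

def peek(stream):
    b = stream.read(1)
    stream.seek(-len(b), 1)
    return b

def take(stream, pattern):
    """Consume the bytes matching pattern at the cursor (possibly none)."""
    m = pattern.match(stream.getvalue(), stream.tell())
    text = m.group() if m else b""
    stream.seek(len(text), 1)
    return text

def read_object_catch_all(stream):
    # "Before" shape: any byte that is not a known opener is assumed to start a number.
    if peek(stream) == b"/":
        return take(stream, NAME)
    else:
        return take(stream, NUMBER)  # consumes nothing when the byte is b"}"

def read_object_strict(stream):
    # "After" shape: numbers need a number-like first byte; anything else is rejected.
    tok = peek(stream)
    if tok == b"/":
        return take(stream, NAME)
    elif tok in b"0123456789+-.":
        return take(stream, NUMBER)
    else:
        raise ParseError(f"Invalid Elementary Object starting with {tok!r} @{stream.tell()}")

def parse_all(data, read_object, max_steps=1000):
    stream, objects = io.BytesIO(data), []
    for _ in range(max_steps):  # cap stands in for the unbounded caller loop
        take(stream, re.compile(rb"\s*"))
        if peek(stream) == b"":  # end of input
            return objects
        objects.append(read_object(stream))
    raise Stalled(f"no progress at offset {stream.tell()}")

MALFORMED = b"12 /Name } 7"  # constructed input: b"}" starts no object in this toy grammar
```

With `MALFORMED`, `parse_all(MALFORMED, read_object_catch_all)` spins at one offset until the cap trips, while `read_object_strict` fails immediately with a `ParseError` that names the offending byte and offset.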