Py-Pdf Pypdf vulnerabilities
22 known vulnerabilities affecting py-pdf/pypdf.
Total CVEs
22
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM19LOW3
Vulnerabilities
Page 2 of 2
CVE-2023-36810MEDIUMCVSS 6.5fixed in 1.27.92023-06-30
CVE-2023-36810 [MEDIUM] CWE-407 CVE-2023-36810: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pag
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. This
nvd
CVE-2023-36464MEDIUMCVSS 5.5v pypdf: < 3.90vPyPDF2: >= 2.2.02023-06-27
CVE-2023-36464 [MEDIUM] CWE-835 CVE-2023-36464: pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF w
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and resolved in pull request #1828. Users are advised to
nvd
← Previous2 / 2