
Pypdf Project Pypdf vulnerabilities

34 known vulnerabilities affecting pypdf_project/pypdf.

Total CVEs: 34
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: HIGH 6, MEDIUM 26, LOW 2

Vulnerabilities

Page 1 of 2
CVE-2026-33699 | P3 | HIGH | CVSS 7.5 | fixed in 6.9.2 | 2026-03-27
CWE-835: pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade yet, consider applying the changes from the patch manually.
Sources: GHSA, NVD, OSV
CVE-2025-55197 | P3 | HIGH | CVSS 7.5 | fixed in 6.0.0 | 2025-08-13
CWE-400: pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other content streams are affected on explicit access. This issue has been fixed in 6.
Sources: GHSA, NVD, OSV
CVE-2025-62707 | P3 | HIGH | CVSS 7.5 | fixed in 6.1.3 | 2025-10-22
CWE-834: pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in pypdf version 6.1.3.
Sources: GHSA, NVD, OSV
CVE-2026-27888 | P3 | HIGH | CVSS 7.5 | fixed in 6.7.3 | 2026-02-26
CWE-400: pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corresponding stream being compressed using `/FlateDecode`. This has been fixed in pypdf 6.7.3. As a workaround
Sources: GHSA, NVD, OSV
CVE-2025-62708 | P3 | HIGH | CVSS 7.5 | fixed in 6.1.3 | 2025-10-22
CWE-409: pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf version 6.1.3.
Sources: GHSA, NVD, OSV
CVE-2026-27628 | P3 | HIGH | CVSS 7.5 | fixed in 6.7.2 | 2026-02-25
CWE-835: pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2. As a workaround, one may apply the patch manually.
Sources: GHSA, NVD, OSV
CVE-2025-66019 | P3 | MEDIUM | affected ≥ 0, < 6.4.0 | 2025-11-24
CWE-400: pypdf's LZWDecode streams can be manipulated to exhaust RAM. Impact: An attacker who uses this vulnerability can craft a PDF which leads to a memory usage of up to 1 GB per stream. This requires parsing the content stream of a page using the LZWDecode filter. This is a follow up to [GHSA-jfx9-29x2-rv3j](https://github.com/py-pdf/pypdf/security/advisories/GHSA-jfx9-29x2-rv3j) to align the default limit with t
Sources: GHSA, OSV
CVE-2026-41312 | P4 | MEDIUM | CVSS 6.5 | fixed in 6.10.2 | 2026-04-22
CWE-789: pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode` with a `/Predictor` unequal 1 and large predictor parameters. This has been fixed in pypdf 6.10.2. A
Sources: NVD
CVE-2026-41314 | P4 | MEDIUM | CVSS 6.5 | fixed in 6.10.2 | 2026-04-22
CWE-789: pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large size values. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from th
Sources: NVD
CVE-2026-33123 | P4 | MEDIUM | CVSS 6.5 | fixed in 6.9.1 | 2026-03-20
CWE-400: pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entries. This issue has been fixed in version 6.9.1.
Sources: GHSA, NVD, OSV
CVE-2026-41313 | P4 | MEDIUM | CVSS 6.5 | fixed in 6.10.2 | 2026-04-22
CWE-834: pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremental mode. This has been fixed in pypdf 6.10.2. As a workaround, one may apply the changes from the pa
Sources: NVD
CVE-2023-36810 | P4 | MEDIUM | CVSS 6.5 | affected ≤ 1.27.8 | 2023-06-30
CWE-407: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. This
Sources: NVD
CVE-2023-36807 | P4 | MEDIUM | CVSS 6.5 | affected v2.10.5 | 2023-06-30
CWE-835: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage
Sources: NVD
CVE-2026-22690 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.6.0 | 2026-01-10
CWE-400: pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files. This can be achieved by omitting the /Root entry in the trailer, w
Sources: GHSA, NVD, OSV
CVE-2026-28804 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.7.5 | 2026-03-06
CWE-407: pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5.
Sources: GHSA, NVD, OSV
CVE-2026-22691 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.6.0 | 2026-01-10
CWE-400: pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for malformed startxref. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for invalid startxref entries. When rebuilding the cross-reference table, PDF files with lots of whitespace characters
Sources: GHSA, NVD, OSV
CVE-2026-41168 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.10.1 | 2026-04-22
CWE-834: pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or object streams with wrong large `/N` values. This has been fixed in pypdf 6.10.1. As a workaround, one
Sources: NVD
CVE-2026-40260 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.10.0 | 2026-04-17
CWE-776: pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the XMP metadata. This issue has been fixed in version 6.10.0.
Sources: GHSA, NVD
CVE-2026-28351 | P4 | MEDIUM | CVSS 5.3 | fixed in 6.7.4 | 2026-02-27
CWE-400: pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaround, consider applying the changes from PR #3664.
Sources: GHSA, NVD, OSV
CVE-2026-54530 | P4 | MEDIUM | CVSS 5.5 | fixed in 6.13.0 | 2026-06-22
CWE-835: pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0.
Sources: GHSA, NVD