Pypdf Project Pypdf vulnerabilities

CVE-2023-36810 [MEDIUM] CWE-407 CVE-2023-36810: pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pag pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. This

CVE-2023-36464 [MEDIUM] CWE-835 CVE-2023-36464: pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF w pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull request #969 and resolved in pull request #1828. Users are advised to