24 matches found
CVE-2026-54530
A flaw was found in pypdf, a pure-python PDF library. An attacker can craft a malicious PDF file that, when processed by a system extracting text in layout mode, can lead to an infinite loop. This vulnerability results in a Denial of Service DoS, making the affected system unresponsive. Mitigatio...
Linux Distros Unpatched Vulnerability : CVE-2026-54530
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loo...
CVE-2026-54530
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
DEBIAN-CVE-2026-54530
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
UBUNTU-CVE-2026-54530
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
CVE-2026-54530 pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
CVE-2026-54530
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
CVE-2026-54530
CVE-2026-54530 – pypdf : A flaw in the pure-Python PDF library allows an attacker to craft a PDF that triggers an infinite loop when performing text extraction in layout mode. Affected versions are prior to 6.13.0. Impact noted as higher for availability. Remediation: upgrade to 6.13.0 (or apply ...
CVE-2026-54530 pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. This vulnerability is fixed in 6.13.0...
pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. Patches This has been fixed in pypdf==6.13.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3830...
Infinite loop
Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Infinite loop via the font retrieving. An attacker can cause the application to enter an infinite loop by crafting a specially...
GHSA-52X6-GQ3R-VPF4 pypdf: Possible infinite loop when retrieving fonts for layout-mode text extraction
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires extracting the text in layout mode. Patches This has been fixed in pypdf==6.13.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3830...
PT-2026-49742
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.13.0 Description A flaw in the pure-python PDF library allows an attacker to craft a PDF file that triggers an infinite loop. This occurs specifically when extracting text in layout mode. Recommendations Update to...
GHSA-CJ93-CHG6-VGV8 pypdf: Possible large memory usage for large offsets for layout mode text
Impact An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. Patches This has been fixed in pypdf==6.12.0. Workarounds If developers are unable to immediately upgrade, they should...
EUVD-2026-32914
pypdf: Possible large memory usage for large offsets for layout mode text...
SUSE CVE-2026-48155
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...
Allocation of Resources Without Limits or Throttling
Overview pypdf is an A pure-python PDF library capable of splitting, merging, cropping, and transforming PDF files Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the layout mode text extraction process when handling PDFs with large...
UBUNTU-CVE-2026-48155
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...
CVE-2026-48155 pypdf: Possible large memory usage for large offsets for layout mode text
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...
CVE-2026-48155
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires extracting text in layout mode with large character offsets. This vulnerability is fixed in 6.12.0...