3 matches found
UBUNTU-CVE-2026-54531
pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0...
GHSA-M2V9-299J-RV96 pypdf: Possible infinite loop when processing outlines/bookmarks in writer
Impact An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. Patches This has been fixed in pypdf==6.13.0. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3830...
PT-2026-4845
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.6.2 Description A flaw exists in the pypdf library that allows attackers to trigger an infinite loop by creating a PDF file with cyclic outline references. This requires accessing the outlines or bookmarks within the...