6 matches found
CVE-2026-54531
A flaw was found in pypdf before 6.13.0. A crafted PDF with outlines can trigger an infinite loop when merged into a PdfWriter, causing denial of service...
CVE-2026-49460
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.2, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor. This vulnerability is fixed in 6.12.2...
CVE-2026-41313
A flaw was found in pypdf. An attacker can craft a malicious PDF file with a large trailer /Size value. When this PDF is loaded in incremental mode, it can lead to excessively long processing times, resulting in a Denial of Service DoS for the application or system processing the file. Mitigation...
CVE-2026-41168
A flaw was found in pypdf. An attacker can craft a malicious PDF file containing oversized cross-reference streams or object streams. Processing such a file can lead to excessively long runtimes, resulting in a Denial of Service DoS for applications using the pypdf library. Mitigation Mitigation...
SUSE CVE-2026-41313
pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer /Size value in incremental mode. This has been fixed in pypdf 6.10.2. As...
CVE-2026-27628
A flaw was found in pypdf. Processing a specially crafted PDF document, specifically with circular /Prev references in the cross-reference xref chain, can cause an infinite loop and a high consumption of CPU, resulting in a denial of service. Mitigation Mitigation for this issue is either not...