GHSA-R73J-PQJ5-W3X7 Pillow has a PDF Parsing Trailer Infinite Loop (DoS)

Impact An attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. Patches Patched version: 12.2.0. PdfParser introduced in Pillow 4.2.0 follows Prev pointers in PDF trailers to read cross-reference sections. If ...