python · pypdf · Heads-up
pypdf FlateDecode PNG Predictor DoS Vulnerability
What changed
A vulnerability in pypdf allows an attacker to craft a PDF that leads to long runtimes when accessing a stream using the /FlateDecode filter with a PNG predictor. Fixed in pypdf 6.12.2.
Who it affects
Users of pypdf who process untrusted PDF files, especially those using /FlateDecode with PNG predictors.
What to do today
Upgrade to pypdf 6.12.2 or apply the changes from PR #3806.
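One way to find environments and pinned requirements that still need this upgrade, as an added example that is not from the advisory or the pypdf project. It assumes every release below 6.12.2 is affected (the page states only the fixed version) and it cannot detect a locally applied PR #3806; the function names and sample lines are constructed for illustration.

```python
"""Added example: flag pypdf versions older than the fixed release 6.12.2."""
import re
from importlib import metadata

FIXED = (6, 12, 2)  # fixed release named in the advisory
# Exact pins only; "pypdf2==..." is a different package and must not match.
PIN = re.compile(r"^\s*pypdf\s*(?:\[[^\]]*\])?\s*==\s*([^\s;#,]+)", re.I)

def parse_version(text):
    """Return ((major, minor, patch), is_prerelease) for a version string."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)(.*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")][:3]
    release = tuple(parts + [0] * (3 - len(parts)))
    # a/b/rc/dev suffixes sort *before* the final release of the same number.
    pre = bool(re.match(r"[-_.]?(a|b|c|rc|pre|dev)", m.group(2), re.I))
    return release, pre

def needs_upgrade(version):
    """True when the version sorts below 6.12.2 (assumption: all earlier releases are affected)."""
    release, pre = parse_version(version)
    return release < FIXED or (release == FIXED and pre)

def audit_requirements(lines):
    """Return (line_number, version) for each exact pypdf pin below the fixed release."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = PIN.match(line)
        if m and needs_upgrade(m.group(1)):
            findings.append((n, m.group(1)))
    return findings

def installed_needs_upgrade():
    """Check the pypdf installed in this environment; None when it is absent."""
    try:
        return needs_upgrade(metadata.version("pypdf"))
    except metadata.PackageNotFoundError:
        return None

SAMPLE = [  # constructed requirements lines, not taken from the advisory
    "requests==2.32.3",
    "pypdf==6.12.1  # pinned last quarter",
    "PyPDF[crypto]==6.12.2",
    "pypdf2==3.0.1",
    "pypdf==6.12.2rc1",
]

if __name__ == "__main__":
    print("installed needs upgrade:", installed_needs_upgrade())
    print("stale pins:", audit_requirements(SAMPLE))
```

Range specifiers such as `pypdf>=6.0` are not evaluated here; resolve them to the installed version and use `installed_needs_upgrade()` in that environment instead.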
Source
GitHub Advisory · pypdf