python · pypdf · Heads-up
pypdf: Infinite loop in layout text extraction (fixed in 6.13.0)
What changed
A vulnerability in pypdf allows an attacker to craft a PDF that causes an infinite loop when extracting text in layout mode. Fixed in version 6.13.0.
Who it affects
Users of pypdf who extract text in layout mode, especially those processing untrusted PDFs.
What to do today
Upgrade to pypdf==6.13.0 or apply the patch from PR #3830.
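One way to apply this in a service that handles untrusted PDFs, as an added example (not code from pypdf or from the advisory): refuse layout-mode extraction on a pypdf release older than 6.13.0, and run the extraction in a child process with a wall-clock limit so a hang cannot stall the caller. The function names, the 30-second default and the treatment of every release below 6.13.0 as unpatched are assumptions; this page names only the fixed version, not the lower bound of the affected range.

```python
# Added example, not pypdf project code; releases below 6.13.0 assumed unpatched.
import multiprocessing as mp
import queue
import re
from importlib import metadata

FIXED = (6, 13, 0)


def is_patched(version):
    """True if `version` is 6.13.0 or newer; pre-releases of 6.13.0 fail closed."""
    m = re.match(r"(\d+(?:\.\d+)*)(.*)", version.strip())
    if not m:
        return False  # unparseable: fail closed
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (3 - len(release))
    pre = re.match(r"\.?(a|b|rc|dev)", m.group(2)) is not None
    return release > FIXED or (release == FIXED and not pre)


def _extract(path, result_q):
    """Child process: layout-mode extraction, result or error sent to the parent."""
    try:
        from pypdf import PdfReader  # imported in the child only
        pages = PdfReader(path).pages
        text = "\n".join(p.extract_text(extraction_mode="layout") for p in pages)
        result_q.put(("ok", text))
    except Exception as exc:
        result_q.put(("error", repr(exc)))


def extract_layout_bounded(path, timeout_s=30.0):
    """Layout text of `path`; TimeoutError if extraction exceeds timeout_s."""
    if not is_patched(metadata.version("pypdf")):
        raise RuntimeError("pypdf is older than 6.13.0; upgrade before layout extraction")
    ctx = mp.get_context("spawn")
    result_q = ctx.Queue()
    proc = ctx.Process(target=_extract, args=(path, result_q), daemon=True)
    proc.start()
    try:
        status, payload = result_q.get(timeout=timeout_s)
    except queue.Empty:
        raise TimeoutError(f"layout extraction of {path!r} exceeded {timeout_s}s") from None
    finally:
        proc.terminate()  # kills a looping child; harmless if it already exited
        proc.join()
    if status == "error":
        raise ValueError(f"extraction failed: {payload}")
    return payload
```

The version check compares numeric components, so 6.9.0 is correctly ordered before 6.13.0, which a plain string comparison would get wrong.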
Source
GitHub Advisory · pypdf