python · pypdfHeads-up
pypdf Infinite Loop Vulnerability in PDF Merging with Outlines
A vulnerability in pypdf allows an attacker to craft a PDF that causes an infinite loop when merging a file with outlines into a writer.
What changed
A vulnerability in pypdf allows an attacker to craft a PDF that causes an infinite loop when merging a file with outlines into a writer. Fixed in version 6.13.0.
Who it affects
Users of pypdf who merge PDF files with outlines, especially those using versions prior to 6.13.0.
What to do today
Upgrade to pypdf version 6.13.0 or apply the changes from PR #3830 if unable to upgrade.
The trail
Collected→
Audited→
Written→
Published
Source
GitHub Advisory · pypdf