python · pypdf · Heads-up
pypdf: Self-referencing form XObject causes high memory usage
What changed
A vulnerability in pypdf allows an attacker to craft a PDF with a form XObject containing self-references, leading to large memory usage when extracting text from such a page.
Who it affects
Users of pypdf versions prior to 6.12.2 who extract text from untrusted PDFs.
What to do today
Upgrade to pypdf==6.12.2 or apply the changes from PR #3805.
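To check whether an environment or a requirements file still carries an affected release, the following added example (not part of the advisory or of pypdf itself) compares versions against the 6.12.2 fix named above. The helper names and the sample requirements text are assumptions made for illustration.

```python
import re
from importlib import metadata

FIXED = (6, 12, 2)  # first fixed release, per the advisory
# Matches exact pins such as "pypdf==6.12.1" or "PyPDF[crypto] == 5.9.0".
PIN = re.compile(r"^\s*pypdf\s*(?:\[[^\]]*\])?\s*==\s*([0-9]+(?:\.[0-9]+)*)", re.I)

def parse_version(text):
    """Numeric release as a tuple: '6.12.1' -> (6, 12, 1). Suffixes like rc1 are ignored."""
    release = re.match(r"[0-9]+(?:\.[0-9]+)*", text.strip()).group(0)
    parts = [int(p) for p in release.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def is_affected(version):
    return parse_version(version) < FIXED

def scan_requirements(text):
    """Return (line number, version) for every exact pypdf pin below the fix.
    Range specifiers (>=, ~=) are not resolved here; installed_status() covers them."""
    hits = []
    for number, line in enumerate(text.splitlines(), start=1):
        match = PIN.match(line)
        if match and is_affected(match.group(1)):
            hits.append((number, match.group(1)))
    return hits

def installed_status():
    """(version, affected) for the pypdf in this environment, or None if absent."""
    try:
        version = metadata.version("pypdf")
    except metadata.PackageNotFoundError:
        return None
    return version, is_affected(version)

# Constructed sample input, not taken from the advisory.
SAMPLE = """\
# constructed requirements lines
requests==2.32.3
pypdf==6.12.1
PyPDF[crypto] == 5.9.0 ; python_version >= "3.9"
pypdf2==3.0.1
pypdf==6.12.2
"""

if __name__ == "__main__":
    print("affected pins:", scan_requirements(SAMPLE))
    print("installed pypdf:", installed_status())
```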
Source
GitHub Advisory · pypdf