python · pypdf · Heads-up
pypdf Vulnerability: Large Memory Usage in Layout Mode Text Extraction
What changed
A vulnerability in pypdf allows an attacker to craft a PDF that leads to large memory usage when extracting text in layout mode with large character offsets. Fixed in version 6.12.0.
Who it affects
Users of pypdf who extract text in layout mode, especially those processing untrusted PDFs.
What to do today
Upgrade to pypdf version 6.12.0 or apply the changes from PR #3790.
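Until the upgrade is rolled out everywhere, a service that handles untrusted PDFs can gate layout mode on the installed pypdf version. The sketch below is an added example, not code from pypdf or from the advisory: the helper names, the `trusted` flag and the fall-back-to-plain policy are assumptions, and a version check cannot see an install that was patched with PR #3790 without a version bump.

```python
import re
from importlib import metadata

FIXED_IN = (6, 12, 0)  # first fixed release, taken from the advisory text

def is_fixed(version: str) -> bool:
    """True if a pypdf version string is at or after the fixed release."""
    m = re.fullmatch(r"v?(\d+(?:\.\d+)*)(.*)", version.strip())
    if not m:
        return False  # fail closed on anything unparseable
    release = tuple(int(p) for p in m.group(1).split("."))
    release += (0,) * (3 - len(release))  # "7.0" -> (7, 0, 0)
    if release == FIXED_IN:
        # 6.12.0rc1 / 6.12.0.dev1 sort before 6.12.0; .post and +local do not
        return not re.match(r"[.\-_]?(a|b|rc|dev|pre)", m.group(2), re.I)
    return release > FIXED_IN  # numeric compare, so 6.9.0 < 6.12.0

def installed_pypdf_version():
    """Installed pypdf version string, or None if pypdf is not installed."""
    try:
        return metadata.version("pypdf")
    except metadata.PackageNotFoundError:
        return None

def safe_extraction_mode(requested, version, trusted=False):
    """Mode to pass to extract_text(extraction_mode=...) for this input."""
    if requested != "layout" or trusted:
        return requested
    if version is not None and is_fixed(version):
        return "layout"
    return "plain"  # assumed policy: no layout mode for untrusted PDFs until patched

def extract_untrusted(path, mode="layout"):
    """Extract text per page, downgrading layout mode on unpatched installs."""
    from pypdf import PdfReader  # lazy import: the gate above works without pypdf
    mode = safe_extraction_mode(mode, installed_pypdf_version())
    return [p.extract_text(extraction_mode=mode) for p in PdfReader(path).pages]
```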
Source
GitHub Advisory · pypdf