VYPR

PyPI package

pypdf2

pkg:pypi/pypdf2

Vulnerabilities (4)

  • CVE-2023-36810Jun 30, 2023
    affected < 1.27.9fixed 1.27.9

    pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a

  • CVE-2023-36807Jun 30, 2023
    affected >= 2.10.5, < 2.10.6fixed 2.10.6

    pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can ut

  • CVE-2023-36464Jun 27, 2023
    affected >= 2.2.0, <= 3.0.1

    pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull

  • CVE-2022-24859Apr 18, 2022
    affected < 1.27.5fixed 1.27.5

    PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to