PyPI package
pypdf2
pkg:pypi/pypdf2
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-36810 | — | < 1.27.9 | 1.27.9 | Jun 30, 2023 | pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a | ||
| CVE-2023-36807 | — | >= 2.10.5, < 2.10.6 | 2.10.6 | Jun 30, 2023 | pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can ut | ||
| CVE-2023-36464 | — | >= 2.2.0, <= 3.0.1 | — | Jun 27, 2023 | pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull | ||
| CVE-2022-24859 | — | < 1.27.5 | 1.27.5 | Apr 18, 2022 | PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to |
- CVE-2023-36810Jun 30, 2023affected < 1.27.9fixed 1.27.9
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize a
- CVE-2023-36807Jun 30, 2023affected >= 2.10.5, < 2.10.6fixed 2.10.6
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can ut
- CVE-2023-36464Jun 27, 2023affected >= 2.2.0, <= 3.0.1
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in pull
- CVE-2022-24859Apr 18, 2022affected < 1.27.5fixed 1.27.5
PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to