VYPR

Pypdf

by Py PDF

pypi: pypdf

Source repositories

CVEs (29)

  • CVE-2026-22690Jan 10, 2026
    risk 0.00cvss epss 0.00

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid…

  • CVE-2025-62708Oct 22, 2025
    risk 0.00cvss epss 0.00

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream of a page using the LZWDecode filter. This has been fixed in pypdf…

  • CVE-2025-62707Oct 22, 2025
    risk 0.00cvss epss 0.00

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This…

  • CVE-2025-55197Aug 13, 2025
    risk 0.00cvss epss 0.00

    pypdf is a free and open-source pure-python PDF library. Prior to version 6.0.0, an attacker can craft a PDF which leads to the RAM being exhausted. This requires just reading the file if a series of FlateDecode filters is used on a malicious cross-reference stream. Other…

  • CVE-2023-46250Oct 31, 2023
    risk 0.00cvss epss 0.00

    pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions 3.7.0 through 3.16.4 can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%.…

  • CVE-2023-36810Jun 30, 2023
    risk 0.00cvss epss 0.01

    pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blocks the current process and can utilize…

  • CVE-2023-36807Jun 30, 2023
    risk 0.00cvss epss 0.01

    pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can…

  • CVE-2023-36464Jun 27, 2023
    risk 0.00cvss epss 0.00

    pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such a PDF. This issue was introduced in…

  • CVE-2022-24859Apr 18, 2022
    risk 0.00cvss epss 0.01

    PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop if the PyPDF2 if the code attempts to…

Page 2 of 2