Pypdf Project

Pypdf

25 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2026-41314

  • EPSS 0.02%
  • Veröffentlicht 22.04.2026 21:08:14
  • Zuletzt bearbeitet 27.04.2026 19:29:40

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing an image using `/FlateDecode` with large...

6.5

CVE-2026-41313

  • EPSS 0.02%
  • Veröffentlicht 22.04.2026 21:04:59
  • Zuletzt bearbeitet 27.04.2026 19:30:37

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to long runtimes. This requires loading a PDF with a large trailer `/Size` value in incremen...

6.5

CVE-2026-41312

  • EPSS 0.02%
  • Veröffentlicht 22.04.2026 21:02:53
  • Zuletzt bearbeitet 27.04.2026 19:31:03

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.2 can craft a PDF which leads to the RAM being exhausted. This requires accessing a stream compressed using `/FlateDecode`...

5.3

CVE-2026-41168

  • EPSS 0.05%
  • Veröffentlicht 22.04.2026 20:49:10
  • Zuletzt bearbeitet 24.04.2026 13:07:24

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions prior to 6.10.1 can craft a PDF which leads to long runtimes. This requires cross-reference streams with wrong large `/Size` values or o...

5.3

CVE-2026-40260

  • EPSS 0.02%
  • Veröffentlicht 16.04.2026 23:18:26
  • Zuletzt bearbeitet 22.04.2026 20:16:03

pypdf is a free and open-source pure-python PDF library. In versions prior to 6.10.0, manipulated XMP metadata entity declarations can exhaust RAM. An attacker who exploits this vulnerability can craft a PDF which leads to large memory usage. This re...

7.5

CVE-2026-33699

  • EPSS 0.02%
  • Veröffentlicht 26.03.2026 23:58:42
  • Zuletzt bearbeitet 01.04.2026 16:01:35

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf ...

6.5

CVE-2026-33123

  • EPSS 0.01%
  • Veröffentlicht 20.03.2026 09:09:12
  • Zuletzt bearbeitet 23.03.2026 15:48:01

pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.1 allow an attacker to craft a malicious PDF which leads to long runtimes and/or large memory usage. Exploitation requires accessing an array-based stream with many entrie...

5.5

CVE-2026-31826

  • EPSS 0.01%
  • Veröffentlicht 10.03.2026 21:36:52
  • Zuletzt bearbeitet 17.03.2026 20:52:08

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless o...

5.3

CVE-2026-28804

  • EPSS 0.05%
  • Veröffentlicht 06.03.2026 06:46:28
  • Zuletzt bearbeitet 10.03.2026 19:39:37

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue ...

5.3

CVE-2026-28351

  • EPSS 0.02%
  • Veröffentlicht 27.02.2026 20:59:16
  • Zuletzt bearbeitet 03.03.2026 18:36:06

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. Thi...