GHSA-m2v9-299j-rv96Medium
pypdf: Possible infinite loop when processing outlines/bookmarks in writer
🔗 CVE IDs covered (1)
📋 Description
Impact
An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer.
Patches
This has been fixed in pypdf==6.13.0.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3830.
🎯 Affected products1
- pip/pypdf:< 6.13.0