Description
pypdf is a free and open-source pure-python PDF library. Prior to 6.12.0, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires cross-reference streams with /W [0 0 0] values and large /Size values. This vulnerability is fixed in 6.12.0.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 debian 12 | | =3.17.4-1 || =3.4.1-1 || =3.4.1-1+deb12u1 || =4.0.0-1 || =4.0.0-1~exp1 || =4.0.1-1 || =4.0.2-1 || =4.1.0-1 || =4.2.0-1 || =4.3.1-1 || =5.4.0-1 || =6.9.0-1 || =6.9.2-1 |
debian 14 | | =5.4.0-1 || =6.9.0-1 || =6.9.2-1 |
debian 12 | | =2.12.1-3 || =2.12.1-3+deb12u1 || =2.12.1-4 |
debian 13 | | =5.4.0-1 || =6.9.0-1 || =6.9.2-1 |
debian 11 | | =1.26.0-4 || =1.26.0-4+deb11u1 || =1.27.12-1 || =1.27.9-1 || =2.0.0-1 || =2.10.0-1 || =2.10.2-1 || =2.10.3-1 || =2.10.4-1 || =2.10.5-1 || =2.10.7-1 || =2.10.9-1 || =2.11.0-1 || =2.11.1-1 || =2.11.2-1 || =2.12.1-1 || =2.12.1-2 || =2.12.1-3 || =2.12.1-4 || =2.4.1-1 || =2.4.2-1 || =2.6.0-1 || =2.8.1-1 || =2.9.0-1 |
