pypdf2

PyPI4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting pypdf2page 1 of 1

CVE-2022-24859MEDIUMCVSS 6.2EG 6.2✓ Fixed in 1.27.5
2022-04-18
vulnerable: 1.15 ... 1.27.4 (18 versions)
PyPDF2 is an open source python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite lo…
CVE-2023-36464MEDIUMCVSS 6.2EG 6.2
2023-06-27
vulnerable: 2.10.0 ... 3.0.1 (30 versions)
pypdf is an open source, pure-python PDF library. In affected versions an attacker may craft a PDF which leads to an infinite loop if `__parse_content_stream` is executed. That is, for example, the case if the user extracted text from such…
CVE-2023-36807MEDIUMCVSS 6.2EG 6.2✓ Fixed in 2.10.6
2023-06-30
vulnerable: 2.10.5
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite l…
CVE-2023-36810MEDIUMCVSS 6.2EG 6.2✓ Fixed in 1.27.9
2023-06-30
vulnerable: 1.15 ... 1.27.8 (22 versions)
pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. An attacker who uses this vulnerability can craft a PDF which leads to unexpected long runtime. This quadratic runtime blo…

Check whether pypdf2 is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for pypdf2 CVEs against the assets you own.

Start Free Scan →