VDB
EN
MEDIUM

GHSA-g9xf-7f8q-9mcj

pypdf: Possible infinite loop when processing threads/articles in writer

상세

### Impact

An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with threads/articles into a writer.

### Patches

This has been fixed in [pypdf==6.13.1](https://github.com/py-pdf/pypdf/releases/tag/6.13.1).

### Workarounds

If users cannot upgrade yet, consider applying the changes from PR [#3839](https://github.com/py-pdf/pypdf/pull/3839).

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / pypdf
최초 영향 버전: 0 수정 버전: 6.13.1
수정 pip install --upgrade 'pypdf>=6.13.1'

참고