Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()` function in pdfminer.six uses `pickle.loads()` to deserialize pickle files.
These pickle files are supposed to be part of the pdfminer.six distribution stored in the `cmap/` directory, but a malicious PDF can specify an alternative directory and filename as long as the filename ends in `.pickle.gz`. A malicious, zipped pickle file can then contain code which will automatically execute when the PDF is processed. Version 20251107 fixes the issue.
Attack Parameters
Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
Required
User action required
Impact Assessment
Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service
CVSS Vector v3.1
Weakness Type (CWE)
Vulnerable Products 2
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Pdfminer Pdfminer.Six
cpe:2.3:a:pdfminer:pdfminer.six:*:*:*:*:*:*:*:*
|
— |
2025-11-07
|
|
Debian Debian_Linux
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
|
— | — |
References 5
https://github.com/pdfminer/pdfminer.six/commit/b808ee05dd7f0c8ea8ec34bdf394d40…
security-advisories@github.com
https://github.com/pdfminer/pdfminer.six/releases/tag/20251107
security-advisories@github.com
https://github.com/pdfminer/pdfminer.six/security/advisories/GHSA-wf5f-4jwr-ppcp
security-advisories@github.com
https://lists.debian.org/debian-lts-announce/2025/11/msg00017.html
af854a3a-2127-422b-91ae-364da2661108
https://lists.debian.org/debian-lts-announce/2026/01/msg00005.html
af854a3a-2127-422b-91ae-364da2661108