pypdf is a free and open-source pure-python PDF library. Prior to version 6.6.0, pypdf has possible long runtimes for missing /Root object with large /Size values. An attacker who uses this vulnerability can craft a PDF which leads to possibly long runtimes for actually invalid files.
This can be achieved by omitting the /Root entry in the trailer, while using a rather large /Size value. Only the non-strict reading mode is affected. This issue has been patched in version 6.6.0.
Attack Parameters
Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed
Impact Assessment
Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
Low
Partial disruption
CVSS Vector v4.0
Weakness Type (CWE)
Vulnerable Products 1
| Configuration | From (including) | Up to (excluding) |
|---|---|---|
|
Pypdf_Project Pypdf
cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*
|
— |
6.6.0
|
References 4
https://github.com/py-pdf/pypdf/commit/294165726b646bb7799be1cc787f593f2fdbcf45
security-advisories@github.com
https://github.com/py-pdf/pypdf/pull/3594
security-advisories@github.com
https://github.com/py-pdf/pypdf/releases/tag/6.6.0
security-advisories@github.com
https://github.com/py-pdf/pypdf/security/advisories/GHSA-4xc4-762w-m6cg
security-advisories@github.com