exploitDog

GHSA-hqmh-ppp3-xvm7

Published: 11 Mar 2026
Source: github
GitHub: Reviewed
CVSS4: 6.8

Description

pypdf: manipulated stream length values can exhaust RAM

Impact

An attacker can craft a PDF that causes large memory usage when parsed. Triggering it requires pypdf to parse a content stream whose /Length value is very large, regardless of how much data the stream actually contains.

Patches

This has been fixed in pypdf==6.8.0.

Workarounds

If you cannot upgrade yet, consider applying the changes from PR #3675.

As far as we are aware, this mostly affects reading from buffers of unknown size, as returned by open("file.pdf", mode="rb") for example. Passing a file path or a BytesIO buffer to pypdf instead does not seem to trigger the vulnerability.
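As an added illustration, not part of the advisory or of pypdf's own code, the scanner below shows what the malicious input looks like and one way to refuse it before pypdf sees it. It builds a constructed minimal PDF fixture whose content stream declares a /Length far larger than the bytes actually present, walks every `stream` keyword in a buffer, compares the direct /Length in the preceding dictionary against the bytes that physically exist before `endstream`, and then wraps an accepted buffer in a BytesIO, the input form the advisory recommends over a raw file object. The 64 MiB policy cap, the `Finding` record and all function names are this example's own assumptions; indirect `/Length n 0 R` references are reported but not resolved, since a shallow byte scan does not load objects.

```python
import io
import re
from dataclasses import dataclass
from typing import List, Optional

# `stream` keyword (but not the tail of `endstream`) followed by its EOL.
STREAM_KW = re.compile(rb"(?<!end)stream\r?\n")
# Direct integer /Length, with an optional trailing "<gen> R" marking an indirect reference.
LENGTH_KW = re.compile(rb"/Length\s+(\d+)(\s+\d+\s+R)?")

# Constructed sample content stream (36 bytes of page-drawing operators).
CONTENT = b"BT /F1 12 Tf 72 720 Td (hello) Tj ET"


@dataclass
class Finding:
    offset: int              # byte offset of the `stream` keyword
    declared: Optional[int]  # None when /Length is an indirect reference
    actual: Optional[int]    # bytes physically present before `endstream`
    reason: str


def build_pdf(length_entry: bytes, content: bytes = CONTENT) -> bytes:
    """Build a minimal PDF whose single content stream carries the given /Length entry.

    Constructed fixture for the scanner below (assumed shape, not a real sample): the xref
    table is omitted to keep it short, so it is a parser test input, not a spec-complete file.
    """
    parts = [
        b"%PDF-1.4\n",
        b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n",
        b"2 0 obj\n<< /Type /Pages /Kids [3 0 R] /Count 1 >>\nendobj\n",
        b"3 0 obj\n<< /Type /Page /Parent 2 0 R /MediaBox [0 0 612 792] /Contents 4 0 R >>\nendobj\n",
        b"4 0 obj\n<< /Length " + length_entry + b" >>\nstream\n",
        content + b"\n",
        b"endstream\nendobj\n",
        b"trailer\n<< /Root 1 0 R >>\n%%EOF\n",
    ]
    return b"".join(parts)


def _enclosing_dict(data: bytes, stream_pos: int) -> Optional[bytes]:
    """Return the `<< ... >>` dictionary that immediately precedes the `stream` keyword."""
    end = stream_pos
    while end > 0 and data[end - 1:end].isspace():
        end -= 1
    if data[end - 2:end] != b">>":
        return None
    depth, i = 0, end
    while i >= 2:  # walk backwards, balancing nested dictionaries
        pair = data[i - 2:i]
        if pair == b">>":
            depth += 1
            i -= 2
        elif pair == b"<<":
            depth -= 1
            i -= 2
            if depth == 0:
                return data[i:end]
        else:
            i -= 1
    return None


def audit_stream_lengths(data: bytes, max_declared: int = 64 * 1024 * 1024) -> List[Finding]:
    """Report every stream whose declared /Length cannot be trusted.

    A stream is flagged when its direct /Length exceeds the bytes actually present before
    the next `endstream` (the shape of the advisory's malicious input) or exceeds
    max_declared (an assumed policy cap). Indirect references are reported, not resolved.
    """
    findings: List[Finding] = []
    for m in STREAM_KW.finditer(data):
        start = m.end()
        dict_bytes = _enclosing_dict(data, m.start())
        if dict_bytes is None:
            continue
        lm = LENGTH_KW.search(dict_bytes)
        if lm is None:
            continue
        if lm.group(2):
            findings.append(Finding(m.start(), None, None, "indirect /Length not resolved"))
            continue
        declared = int(lm.group(1))
        end_pos = data.find(b"endstream", start)
        actual = (len(data) if end_pos == -1 else end_pos) - start
        if declared > actual:
            findings.append(Finding(m.start(), declared, actual, "declared /Length exceeds bytes present"))
        elif declared > max_declared:
            findings.append(Finding(m.start(), declared, actual, "declared /Length exceeds policy limit"))
    return findings


def load_for_pypdf(data: bytes, max_declared: int = 64 * 1024 * 1024) -> io.BytesIO:
    """Validate a PDF buffer and wrap it in BytesIO, the input form the advisory recommends.

    Hand the returned buffer to pypdf.PdfReader (pypdf is deliberately not imported so this
    example runs on its own). Any stream with an oversized direct /Length is rejected.
    """
    bad = [f for f in audit_stream_lengths(data, max_declared) if f.declared is not None]
    if bad:
        raise ValueError(f"refusing PDF: {bad[0].reason} at offset {bad[0].offset} "
                         f"(declared={bad[0].declared}, actual={bad[0].actual})")
    return io.BytesIO(data)


if __name__ == "__main__":
    honest = build_pdf(str(len(CONTENT)).encode())
    hostile = build_pdf(b"1073741824")  # claims 1 GiB for a 36-byte stream
    print(audit_stream_lengths(honest))   # []
    print(audit_stream_lengths(hostile))  # one Finding: declared /Length exceeds bytes present
```

This is a pre-filter, not a replacement for upgrading: it only catches direct integer lengths, and a length that fits inside the file but is still large enough to hurt is caught only by the policy cap, so tune `max_declared` to the largest stream your workload legitimately produces.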

Packages

Name: pypdf (pip)
Affected versions: < 6.8.0
Fixed version: 6.8.0

EPSS

Percentile: 2%
0.00012
Low

CVSS4: 6.8 Medium

Weaknesses

CWE-770

Related vulnerabilities

CVSS3: 5.5
ubuntu
17 days ago

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.

CVSS3: 6.5
redhat
17 days ago

A flaw was found in pypdf, a pure-Python PDF library. An attacker can craft a malicious PDF file containing a content stream with an intentionally large /Length value. When this PDF is parsed, it can lead to excessive memory consumption, resulting in a Denial of Service (DoS) condition due to resource exhaustion.

CVSS3: 5.5
nvd
17 days ago

pypdf is a free and open-source pure-python PDF library. Prior to 6.8.0, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing a content stream with a rather large /Length value, regardless of the actual data length inside the stream. This vulnerability is fixed in 6.8.0.

CVSS3: 5.5
debian
17 days ago

pypdf is a free and open-source pure-python PDF library. Prior to 6.8. ...

suse-cvrf
10 days ago

Security update for python-PyPDF2
