pypdf has a possible infinite loop when loading circular /Prev entries in cross-reference streams

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.2, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires reading the file. This has been fixed in pypdf 6.7.2. As a workaround, one may apply the patch manually.

N/A

不可达退出条件的循环(无限循环)

pypdf 安全漏洞

pypdf是py-pdf开源的一个免费开源的纯 python PDF 库。能够拆分、合并、裁剪和转换 PDF 文件的页面。 pypdf 6.7.2之前版本存在安全漏洞，该漏洞源于处理特制PDF文件时存在缺陷，可能导致无限循环。

N/A

N/A