Security

.github/SECURITY.md

Security Policy

Supported Versions

Security fixes are applied to the latest version.

Reporting a Vulnerability

If you find a potential security issue, please report it to [email protected] (the current maintainer).

We will try to find a fix in a timely manner and will then issue a security advisory together with the update via GitHub (example).

If you don't get a reaction within 30 days, please open a public issue on GitHub.

Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF
GHSA-wjcc-cq79-p63f published Oct 29, 2023 by MartinThoma

Moderate
Quadratic runtime with malformed PDF missing xref marker
GHSA-jrm6-h9cq-8gqw published Jun 30, 2023 by MartinThoma

Moderate
Possible Infinite Loop when reading malformed objects
GHSA-hm9v-vj3r-r55m published Jun 30, 2023 by MartinThoma

Moderate
Possible Infinite Loop when a comment isn't followed by a character
GHSA-4vvm-4w3v-6mr8 published Jun 27, 2023 by MartinThoma

Moderate
Manipulated inline images can cause Infinite Loop
GHSA-xcjx-m2pj-8g79 published Apr 17, 2022 by MartinThoma

Moderate

Learn more about advisories related to py-pdf/pypdf in the GitHub Advisory Database