pypdf is a free and open-source pure-python PDF library. Prior to 6.13.0, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires merging a file with outlines into a writer. This vulnerability is fixed in 6.13.0.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Pypdf | Pypdf_project | * | 6.13.0 (excluding) |
| Pypdf | Ubuntu | questing | * |