CVE-2023-46250

pypdf is a free and open-source pure-python PDF library. An attacker who uses a vulnerability present in versions 3.7.0 through 3.16.4 can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case when the pypdf-user manipulates an incoming malicious PDF e.g. by merging it with another PDF or by adding annotations. The issue was fixed in version 3.17.0. As a workaround, apply the patch manually by modifying `pypdf/generic/_data_structures.py`.
Infinite Loop
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.1 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
GitHub_MCNA
5.1 MEDIUM
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
VendorProductVersion
pypdf_projectpypdf
3.7.0 ≤
𝑥
< 3.17.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
pypdf
bookworm
3.4.1-1+deb12u1
fixed
trixie
4.3.1-1
fixed
sid
4.3.1-1
fixed
pypdf2
bullseye
1.26.0-4+deb11u1
fixed
bookworm
2.12.1-3+deb12u1
fixed
sid
2.12.1-4
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
pypdf
oracular
needs-triage
noble
needs-triage
mantic
ignored
lunar
ignored
jammy
dne
focal
dne
bionic
ignored
xenial
ignored
trusty
ignored
pypdf2
oracular
needs-triage
noble
needs-triage
mantic
ignored
lunar
ignored
jammy
needs-triage
focal
needs-triage
bionic
needs-triage
xenial
needs-triage
trusty
ignored
Common Weakness Enumeration
References
https://github.com/py-pdf/pypdf/commit/9b23ac3c9619492570011d551d521690de9a3e2d
https://github.com/py-pdf/pypdf/pull/2264
https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjcc-cq79-p63f
https://github.com/py-pdf/pypdf/commit/9b23ac3c9619492570011d551d521690de9a3e2d
https://github.com/py-pdf/pypdf/pull/2264
https://github.com/py-pdf/pypdf/security/advisories/GHSA-wjcc-cq79-p63f