Security Advisory

CVE-2026-28351

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-27 20:59:16

Last updated 2026-03-03 20:28:45

Assigner GitHub_M

State PUBLISHED

Description

pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.4, an attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter. This has been fixed in pypdf 6.7.4. As a workaround, consider applying the changes from PR #3664.

← Browse all CVEs View on cve.org ↗