{"id":"CVE-2023-36807","summary":"Infinite Loop when reading malformed objects in pypdf","details":"pypdf is a pure-python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In version 2.10.5 an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This infinite loop blocks the current process and can utilize a single core of the CPU by 100%. It does not affect memory usage. That is, for example, the case if the user extracted metadata from such a malformed PDF. Versions prior to 2.10.5 throw an error, but do not hang forever. This issue was fixed with https://github.com/py-pdf/pypdf/pull/1331 which has been included in release 2.10.6. Users are advised to upgrade. Users unable to upgrade should modify `PyPDF2/generic/_data_structures.py::read_object` to an an error throwing case. See GHSA-hm9v-vj3r-r55m for details. ","aliases":["GHSA-hm9v-vj3r-r55m"],"modified":"2026-05-28T03:53:25.516417997Z","published":"2023-06-30T18:38:10.303Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/36xxx/CVE-2023-36807.json","cwe_ids":["CWE-835"],"cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/36xxx/CVE-2023-36807.json"},{"type":"ADVISORY","url":"https://github.com/py-pdf/pypdf/security/advisories/GHSA-hm9v-vj3r-r55m"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-36807"},{"type":"REPORT","url":"https://github.com/py-pdf/pypdf/issues/1329"},{"type":"FIX","url":"https://github.com/py-pdf/pypdf/pull/1331"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/py-pdf/pypdf","events":[{"introduced":"0"},{"last_affected":"4073b2a36ef476b865e927f4c84be4bedd21f0f8"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"2.10.5"}]}}],"versions":["2.10.5","2.10.4","2.10.3","2.10.2","2.10.1","2.10.0","2.9.0","2.8.1","2.8.0","2.7.0","2.6.0","2.5.0","2.4.2","2.4.1","2.4.0","2.3.1","2.3.0","2.2.1","2.2.0","2.1.1","2.1.0","2.0.0","1.28.2","1.28.1","1.28.0","1.27.12","1.27.11","1.27.10","1.27.9","1.27.8","1.27.7","1.27.6","1.27.5","1.27.4","1.27.3","1.27.2","1.27.1","1.27.0","v1.24","1.26.0","v1.25.1","v1.25","v1.23","v1.22","v1.21","v1.20","v1.19","v1.18","v1.17"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-36807.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}