GHSA-7gw9-cf7v-778f
Denial of Service vulnerability in pypdf (PyPI)
What is GHSA-7gw9-cf7v-778f About?
This vulnerability is a Denial of Service (DoS) in `pypdf` due to RAM exhaustion when processing specific compressed PDF streams. An attacker can craft a malicious PDF containing a `/FlateDecode` stream with a `/Predictor` unequal to 1 and large predictor parameters. Exploitation is relatively easy for an attacker who can provide a malformed PDF to a vulnerable system, causing system instability.
Affected Software
Technical Details
The vulnerability allows an attacker to craft a PDF document that, when processed by pypdf, leads to uncontrolled memory consumption and subsequent RAM exhaustion. This is achieved by embedding a stream compressed using /FlateDecode within the PDF, where the /Predictor parameter is set to a value other than 1, and crucially, large predictor parameters are also specified. During decompression and processing of such a stream, pypdf fails to properly handle the memory allocation for these large parameters, leading to excessive RAM usage. This uncontrolled memory growth ultimately results in system instability or crashes, causing a denial of service.
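As an added defensive example (not pypdf's own code and not part of the original advisory), the following Python pre-screen scans raw PDF bytes for `/FlateDecode` streams whose `/DecodeParms` declare a `/Predictor` other than 1 together with an oversized row geometry, so such files can be rejected before they reach the PDF library. The parameter names `/Predictor`, `/Colors`, `/BitsPerComponent` and `/Columns` and their defaults are the standard predictor parameters from the PDF specification; the advisory itself only says "large predictor parameters". The 1 MiB per-row threshold, the regex-based object scan and the sample PDF bytes are constructed for illustration and do not amount to a full PDF parser; the pre-screen is a stopgap for systems that cannot upgrade immediately, not a substitute for moving to pypdf 6.10.2.

```python
import re

# Defaults the PDF specification assigns to the predictor parameters when
# they are absent from /DecodeParms.
PREDICTOR_DEFAULTS = {"Predictor": 1, "Colors": 1, "BitsPerComponent": 8, "Columns": 1}

# Hypothetical policy threshold (constructed for this example): the largest
# per-row buffer, in bytes, a predictor-decoding step may require before the
# file is rejected.
MAX_ROW_BYTES = 1 << 20  # 1 MiB

# Heuristic scan: the dictionary text between "N G obj" and the "stream"
# keyword. "\bstream\b" does not match inside "endstream".
_OBJ_STREAM_RE = re.compile(rb"(\d+)\s+\d+\s+obj\b(.*?)\bstream\b", re.DOTALL)
_PARAM_RE = re.compile(rb"/(Predictor|Colors|BitsPerComponent|Columns)\s+(\d+)")


def predictor_params(dict_bytes: bytes) -> dict:
    """Return the predictor parameters declared in a stream dictionary.

    Only the keys the PDF spec defines for /FlateDecode predictors are read;
    absent keys fall back to the spec defaults.
    """
    params = dict(PREDICTOR_DEFAULTS)
    for key, value in _PARAM_RE.findall(dict_bytes):
        params[key.decode()] = int(value)
    return params


def row_bytes(params: dict) -> int:
    """Bytes one predictor row needs: ceil(Columns * Colors * BitsPerComponent / 8)."""
    bits = params["Columns"] * params["Colors"] * params["BitsPerComponent"]
    return (bits + 7) // 8


def find_oversized_predictor_streams(pdf: bytes, max_row_bytes: int = MAX_ROW_BYTES) -> list:
    """Pre-screen raw PDF bytes for /FlateDecode streams whose predictor
    parameters would force an oversized row buffer.

    Returns (object number, params) tuples for every stream that should be
    rejected before the file is handed to the PDF library.
    """
    flagged = []
    for obj_num, dict_bytes in _OBJ_STREAM_RE.findall(pdf):
        if b"/FlateDecode" not in dict_bytes:
            continue
        params = predictor_params(dict_bytes)
        if params["Predictor"] == 1:
            continue  # no predictor step, so no extra row buffer is allocated
        if row_bytes(params) > max_row_bytes:
            flagged.append((int(obj_num), params))
    return flagged


# Constructed sample: object 1 carries modest predictor parameters, object 2
# declares an absurd /Columns value, object 3 uses no predictor at all. The
# stream bodies are placeholders; only the dictionaries matter here.
SAMPLE_PDF = (
    b"%PDF-1.7\n"
    b"1 0 obj\n<< /Length 5 /Filter /FlateDecode "
    b"/DecodeParms << /Predictor 12 /Columns 4 >> >>\n"
    b"stream\nxxxxx\nendstream\nendobj\n"
    b"2 0 obj\n<< /Length 5 /Filter /FlateDecode "
    b"/DecodeParms << /Predictor 12 /Colors 4 /BitsPerComponent 8 /Columns 4000000000 >> >>\n"
    b"stream\nxxxxx\nendstream\nendobj\n"
    b"3 0 obj\n<< /Length 5 /Filter /FlateDecode >>\n"
    b"stream\nxxxxx\nendstream\nendobj\n"
    b"trailer\n<< /Root 1 0 R >>\n%%EOF\n"
)

if __name__ == "__main__":
    for obj_num, params in find_oversized_predictor_streams(SAMPLE_PDF):
        print(f"object {obj_num}: predictor row would need {row_bytes(params)} bytes: {params}")
```

Run against the constructed sample, only object 2 is flagged: its declared geometry implies a 16 GB row buffer, while object 1 needs 4 bytes and object 3 has no predictor step. The check deliberately keys on declared geometry rather than stream length, since the decompressed size is what the advisory identifies as the problem.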
What is the Impact of GHSA-7gw9-cf7v-778f?
Successful exploitation may allow attackers to cause system instability or crashes by consuming all available memory, resulting in a denial of service for the target application or system.
What is the Exploitability of GHSA-7gw9-cf7v-778f?
Exploitation of this vulnerability involves crafting a malicious PDF file. The attacker needs to be able to supply this specially crafted PDF to a system that processes PDF files using the vulnerable pypdf library. There are no known authentication or privilege prerequisites for the attacker, as the vulnerability is triggered during the parsing of the PDF content. The attack is likely remote if the PDF is processed by a server or service, or local if a user opens the PDF on their machine. The primary condition for success is the processing of the malicious file by a vulnerable version of pypdf.
What are the Known Public Exploits?
| PoC Author | Link | Commentary |
|---|---|---|
| No known exploits | | |
What are the Available Fixes for GHSA-7gw9-cf7v-778f?
Available Upgrade Options
- pypdf
  - <6.10.2 → Upgrade to 6.10.2
Additional Resources
What are Similar Vulnerabilities to GHSA-7gw9-cf7v-778f?
Similar Vulnerabilities: CVE-2022-37146, CVE-2023-38035, CVE-2023-38604, CVE-2023-41042, CVE-2024-21147
