Cheonwoong-Park

**Name of the Vulnerable Software and Affected Versions** pypdf versions prior to 6.7.1 **Description** pypdf is a free and open-source pure-python PDF library. An attacker can create a malicious PDF file that causes excessive runtime and memory usage when processed. This occurs when parsing the `/ToUnicode` entry of a font containing unusually large values, such as during text extraction. **Recommendations** Update to version 6.7.1 or later.

**Name of the Vulnerable Software and Affected Versions** pypdf versions prior to 6.7.1 **Description** pypdf is a free and open-source pure-python PDF library. A crafted PDF file can cause excessive processing time due to a malformed /FlateDecode stream and byte-by-byte decompression. **Recommendations** Update to version 6.7.1 or later.

**Name of the Vulnerable Software and Affected Versions** pypdf versions prior to 6.7.1 **Description** A crafted PDF file can cause an infinite loop when accessing the children of a TreeObject, such as during outline processing. This issue affects the pypdf library, a free and open-source pure-python PDF library. **Recommendations** Update to version 6.7.1 or later.