Mkaalto

**Name of the Vulnerable Software and Affected Versions** pypdf versions prior to 6.6.0 **Description** pypdf is a pure-python PDF library. Versions prior to 6.6.0 are susceptible to long runtimes when processing malformed `startxref` entries within PDF files. An attacker can create a specially crafted PDF that causes prolonged processing times when the cross-reference table is rebuilt, particularly with files containing excessive whitespace. This issue only affects the non-strict reading mode. **Recommendations** Update to version 6.6.0 or later.