PT-2025-43414 · Pypi+2 · Pypdf+2

Published

2025-10-22

Updated

2026-04-17

CVE-2025-62708

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.1.3

Description An attacker can create a malicious PDF file that causes excessive memory consumption when processed. This occurs when parsing the content stream of a page utilizing the LZWDecode filter.

Recommendations Update to pypdf version 6.1.3 or later.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-409

Related Identifiers

BDU:2026-07342

CVE-2025-62708

GHSA-JFX9-29X2-RV3J

Affected Products

Debian

Red Os

Pypdf

PT-2025-43414 · Pypi+2 · Pypdf+2

CVE-2025-62708

Weakness Enumeration

Related Identifiers

Affected Products

References · 29