Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/pypdf@6.7.4
Typepypi
Namespace
Namepypdf
Version6.7.4
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.7.5
Latest_non_vulnerable_version6.8.0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-u64g-bx3a-gydh
vulnerability_id VCID-u64g-bx3a-gydh
summary 
pypdf: Manipulated RunLengthDecode streams can exhaust RAM
An attacker who uses this vulnerability can craft a PDF which leads to large memory usage. This requires parsing the content stream using the RunLengthDecode filter.
references
0
reference_url https://github.com/py-pdf/pypdf
reference_id
reference_type
scores
url https://github.com/py-pdf/pypdf
1
reference_url https://github.com/py-pdf/pypdf/commit/f309c6003746414dc7b5048c19e6d879ff2dc858
reference_id
reference_type
scores
url https://github.com/py-pdf/pypdf/commit/f309c6003746414dc7b5048c19e6d879ff2dc858
2
reference_url https://github.com/py-pdf/pypdf/pull/3664
reference_id
reference_type
scores
url https://github.com/py-pdf/pypdf/pull/3664
3
reference_url https://github.com/py-pdf/pypdf/releases/tag/6.7.4
reference_id
reference_type
scores
url https://github.com/py-pdf/pypdf/releases/tag/6.7.4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-28351
reference_id CVE-2026-28351
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2026-28351
5
reference_url https://github.com/advisories/GHSA-f2v5-7jq9-h8cg
reference_id GHSA-f2v5-7jq9-h8cg
reference_type
scores
url https://github.com/advisories/GHSA-f2v5-7jq9-h8cg
6
reference_url https://github.com/py-pdf/pypdf/security/advisories/GHSA-f2v5-7jq9-h8cg
reference_id GHSA-f2v5-7jq9-h8cg
reference_type
scores
url https://github.com/py-pdf/pypdf/security/advisories/GHSA-f2v5-7jq9-h8cg
fixed_packages
0
url pkg:pypi/pypdf@6.7.4
purl pkg:pypi/pypdf@6.7.4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/pypdf@6.7.4
aliases CVE-2026-28351, GHSA-f2v5-7jq9-h8cg
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u64g-bx3a-gydh
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/pypdf@6.7.4