Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-delivered PDF requires application or user to process it (UI:R); no privileges needed; impact is availability only with no scope change.
Primary rating from Vendor (https://github.com/py-pdf/pypdf).
CVSS VectorVendor: https://github.com/py-pdf/pypdf
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Blast Radius
ecosystem impact- 2 pypi packages depend on pypdf (2 direct, 0 indirect)
Ecosystem-wide dependent count for version 6.12.2.
DescriptionCVE.org
Impact
An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /FlateDecode filter with a PNG predictor.
Patches
This has been fixed in pypdf==6.12.2.
Workarounds
If you cannot upgrade yet, consider applying the changes from PR #3806.
AnalysisAI
Denial-of-service in the pypdf Python library allows an attacker to cause excessive CPU consumption by supplying a crafted PDF containing a FlateDecode stream with a PNG predictor filter. Any application using pypdf to parse untrusted PDFs is affected on versions prior to 6.12.2. No public exploit is identified at time of analysis, but the attack surface is broad given pypdf's use in document processing pipelines; no special authentication is required to exploit applications that accept user-supplied PDFs.
Technical ContextAI
pypdf is a pure-Python PDF library (pkg:pip/pypdf) used for reading, writing, and manipulating PDF files. The vulnerability resides in the _decode_png_prediction function within pypdf/filters.py. When a PDF stream uses the /FlateDecode filter combined with a PNG predictor, pypdf decodes pixel rows using Python list and tuple objects. For large images - the regression test demonstrates 120,000 rows × 4,096 columns - the list-based append and tuple conversion per row creates O(n²)-class overhead, matching CWE-407 (Inefficient Algorithmic Complexity). The fix replaces these with bytearray and bytes objects, whose buffer-level operations are dramatically faster. The GitHub advisory GHSA-5hgr-hg42-57jg and the confirmed fix in PR #3806 identify the exact code path.
RemediationAI
Upgrade to pypdf==6.12.2 immediately; this is the vendor-released patch that resolves the inefficiency by replacing Python list/tuple row accumulation with bytearray/bytes operations in _decode_png_prediction. The release is available at https://github.com/py-pdf/pypdf/releases/tag/6.12.2. If an immediate upgrade is not possible, the specific code changes from PR #3806 (https://github.com/py-pdf/pypdf/pull/3806) can be applied manually as a source-level workaround. As a compensating control, applications that process untrusted PDFs should impose a processing timeout (e.g., via SIGALRM or a subprocess with a timeout) to prevent a single malformed document from monopolizing CPU; note this does not fix the underlying flaw and will result in processing failures for crafted files. Restricting PDF upload size is an additional mitigating factor but is insufficient alone, as a modest-sized PDF can still contain streams that trigger the algorithmic overhead.
Same weakness CWE-407 – Inefficient Algorithmic Complexity
View allSame technique Information Disclosure
View allVendor StatusVendor
Share
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38357
GHSA-5hgr-hg42-57jg