pypdf TreeObject Children Access Infinite Loop Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in pypdf versions prior to 6.7.1. This issue allows an attacker to craft a PDF that causes an infinite loop when the children of a TreeObject are accessed, such as during outline processing.

Impact

Exploitation of this vulnerability leads to an infinite loop, causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by creating a PDF file that includes a TreeObject with cyclic references, such as a nested outline structure where children reference each other in a loop. When this PDF is processed by pypdf versions prior to 6.7.1, accessing the TreeObject's children will trigger the infinite loop.

Remediation

Users can upgrade to pypdf version 6.7.1 or later to address this vulnerability. If an immediate upgrade is not possible, the changes from PR #3645 can be applied as a workaround.
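The defect described above is a tree walk that trusts the document's own links: following a child or sibling reference until it is empty terminates only if the reference graph is acyclic. The example below is an added illustration, not code from pypdf or from PR #3645. It models outline items as plain dicts linked the way PDF outline dictionaries are (/First for the first child, /Next for the next sibling; the key names are from the PDF specification, the dict model is an assumption made for the example) and contrasts a naive walk, which never returns on a cyclic chain, with one that remembers every item it has visited and fails closed when an item is reached a second time.

```python
"""Cycle-safe walk of a PDF outline-style tree.

Added illustration, not pypdf's code. Each outline item is a constructed
dict with /Title, /First (first child) and /Next (next sibling); real PDFs
reference other objects indirectly, but the termination problem is the
same: the walk ends only if the links never lead back to a visited item.
"""
from itertools import islice
from typing import Dict, Iterator, List, Optional, Set

Node = Dict[str, object]


def make_node(title: str) -> Node:
    # Constructed outline item carrying only the two structural links.
    return {"/Title": title, "/First": None, "/Next": None}


def naive_walk(node: Node, depth: int = 0) -> Iterator[str]:
    """Pre-order walk that trusts the links. Never terminates on a cycle."""
    child = node["/First"]
    while child is not None:
        yield "  " * depth + str(child["/Title"])
        yield from naive_walk(child, depth + 1)
        child = child["/Next"]


class CyclicOutlineError(ValueError):
    """Raised when an outline item is reached twice via /First or /Next."""


def safe_walk(node: Node, depth: int = 0,
              seen: Optional[Set[int]] = None) -> Iterator[str]:
    """Same walk, but every item is remembered by identity; a revisit is a cycle.

    The root is recorded up front so a /First link pointing back at an
    ancestor is caught just like a looping /Next chain.
    """
    if seen is None:
        seen = {id(node)}
    child = node["/First"]
    while child is not None:
        if id(child) in seen:
            raise CyclicOutlineError(
                f"outline item {child['/Title']!r} reached twice")
        seen.add(id(child))
        yield "  " * depth + str(child["/Title"])
        yield from safe_walk(child, depth + 1, seen)
        child = child["/Next"]


def build_sane_outline() -> Node:
    # Constructed acyclic outline: Root -> Chapter 1 (-> Section 1.1), Chapter 2
    root, ch1, ch2, sec = (make_node(t) for t in
                           ("Root", "Chapter 1", "Chapter 2", "Section 1.1"))
    root["/First"] = ch1
    ch1["/First"] = sec
    ch1["/Next"] = ch2
    return root


def build_cyclic_outline() -> Node:
    # Constructed malformed outline: the sibling chain loops back on itself.
    root, ch1, ch2 = (make_node(t) for t in ("Root", "Chapter 1", "Chapter 2"))
    root["/First"] = ch1
    ch1["/Next"] = ch2
    ch2["/Next"] = ch1  # Chapter 2's /Next points back at Chapter 1
    return root


def outline_titles(root: Node) -> List[str]:
    """Indented titles of the outline; raises CyclicOutlineError on a loop."""
    return list(safe_walk(root))


def has_cycle(root: Node) -> bool:
    """True if the cycle-aware walk refuses the outline."""
    try:
        outline_titles(root)
    except CyclicOutlineError:
        return True
    return False


def naive_never_stops(root: Node, limit: int = 50) -> bool:
    """Bounded probe of the naive walk: True if it still yields items at `limit`.

    An acyclic outline runs dry well before the limit; a cyclic one keeps
    producing output and would spin forever without the islice cap.
    """
    return len(list(islice(naive_walk(root), limit))) == limit


if __name__ == "__main__":
    print("\n".join(outline_titles(build_sane_outline())))
    print("cyclic outline rejected:", has_cycle(build_cyclic_outline()))
    print("naive walk loops on it:", naive_never_stops(build_cyclic_outline()))
```

The identity set is the whole fix: it costs one set entry per item and turns an unbounded loop into a bounded walk plus a clear error. Failing with an exception rather than silently truncating is the better choice for a parser, because the caller learns the document is malformed instead of getting a partial outline.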

Added: Feb 20, 2026, 10:23 PM
Updated: Feb 20, 2026, 10:23 PM

Vulnerability Rating

Custom Algorithm
spread: 5.4
impact: 2.5
exploitability: 4.3
remediation: 7.7
relevance: 3.2
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.