lopdf is vulnerable to Denial of Service (DoS)
75
High Risk
Affected versions of lopdf are vulnerable to a denial-of-service (DoS) issue due to unbounded recursion when parsing deeply nested PDF arrays and dictionaries. A specially crafted PDF can trigger a stack overflow and terminate the process, allowing attackers to crash applications that parse untrusted PDF files.
You are affected if you are using a version that falls within the vulnerable range.
lopdf is vulnerable to Denial of Service (DoS) in versions 0.0.1 - 0.41.0.
Upgrade the lopdf library to the patch version.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant