Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Read and write PDFs with Python, powered by qpdf
Version 8.13.0-1 [extra]


Group Affected Fixed Severity Status Ticket
AVG-1761 2.9.2-1 2.10.0-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-29421 AVG-1761 Medium Yes Xml external entity injection
models/ in the pikepdf package 1.3.0 through 2.9.2 for Python allows XML external entity injection (XXE) when parsing XMP metadata entries.