python-pikepdf
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | Read and write PDFs with Python, powered by qpdf |
Version | 9.4.2-1 [extra] |
Resolved
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1761 | 2.9.2-1 | 2.10.0-1 | Medium | Fixed |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2021-29421 | AVG-1761 | Medium | Yes | Xml external entity injection | models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XML external entity injection (XXE) when parsing XMP metadata entries. |