{
  "threat_severity" : "Moderate",
  "public_date" : "2026-03-06T06:46:28Z",
  "bugzilla" : {
    "description" : "pypdf: pypdf: Denial of Service via crafted PDF with ASCIIHexDecode filter",
    "id" : "2445118",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2445118"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-770",
  "details" : [ "pypdf is a free and open-source pure-python PDF library. Prior to version 6.7.5, an attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. This issue has been patched in version 6.7.5.", "A flaw was found in pypdf, a pure-python PDF library. A remote attacker can exploit this vulnerability by crafting a malicious PDF file that utilizes the /ASCIIHexDecode filter. Processing this specially crafted PDF can lead to excessively long runtimes, resulting in a Denial of Service (DoS) for the application or system processing the file." ],
  "package_state" : [ {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Fix deferred",
    "package_name" : "openshift-lightspeed/lightspeed-ocp-rag-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Fix deferred",
    "package_name" : "openshift-lightspeed/lightspeed-service-api-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "OpenShift Lightspeed",
    "fix_state" : "Fix deferred",
    "package_name" : "openshift-lightspeed-tech-preview/lightspeed-rag-tool-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_lightspeed"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/bootc-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat Enterprise Linux AI (RHEL AI) 3",
    "fix_state" : "Fix deferred",
    "package_name" : "rhelai3/disk-image-cuda-rhel9",
    "cpe" : "cpe:/a:redhat:enterprise_linux_ai:3"
  }, {
    "product_name" : "Red Hat OpenShift AI (RHOAI)",
    "fix_state" : "Fix deferred",
    "package_name" : "rhoai/odh-llama-stack-core-rhel9",
    "cpe" : "cpe:/a:redhat:openshift_ai"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-28804\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-28804\nhttps://github.com/py-pdf/pypdf/commit/648c627d2657447dfb1773412af05a0a5103b98f\nhttps://github.com/py-pdf/pypdf/pull/3666\nhttps://github.com/py-pdf/pypdf/releases/tag/6.7.5\nhttps://github.com/py-pdf/pypdf/security/advisories/GHSA-9m86-7pmv-2852" ],
  "name" : "CVE-2026-28804",
  "mitigation" : {
    "value" : "To mitigate this issue, avoid processing untrusted PDF documents with applications that use the pypdf library. If processing untrusted PDFs is unavoidable, consider sandboxing the application responsible for PDF processing to limit potential resource exhaustion.",
    "lang" : "en:us"
  },
  "csaw" : false
}