CVE-2021-29421

Published April 1st, 2021

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

5

MEDIUM

Affected

1

PROJECT

Description

models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries.

pikepdf/pikepdf

A Python library for reading and writing PDF, powered by QPDF

GitHub

2.75K