github-actions[bot]
commented
4 weeks ago ennamarie19 is integrating a new project:
- Main repo: https://github.com/pikepdf/pikepdf.git
- Criticality score: 0.65130
Closed ennamarie19 closed 4 weeks ago
github-actions[bot]
commented
4 weeks ago ennamarie19 is integrating a new project:
- Main repo: https://github.com/pikepdf/pikepdf.git
- Criticality score: 0.65130
pikepdf is a Python library allowing creation, manipulation and repair of PDFs. It provides a Pythonic wrapper around the C++ PDF content transformation library, QPDF. It is used by over 3800 repositories and 90 packages. Most notably, OCRmyPDF (12,400+ stars) uses pikepdf to graft OCR text layers onto existing PDFs, to examine the contents of input PDFs, and to optimize PDFs. Additionally, PDFArranger (3000+ stars) depends on pikepdf and is a Python application that provides a graphical user interface to rotate, crop and rearrange PDFs. It is important that fuzzing be integrarted into pikepdf as the domino effect of a high or critical vulnerability in pikepdf would cause numerous other open source software products to be vulnerable as well.
Approval from the upstream maintainer can be found here: https://github.com/pikepdf/pikepdf/issues/587