Pikepdf Project Pikepdf — known CVE vulnerabilities
Every CVE whose affected-product data names Pikepdf Project Pikepdf, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2021-29421 — CVSS 7.5 (high): models/metadata.py in the pikepdf package 1.3.0 through 2.9.2 for Python allows XXE when parsing XMP metadata entries.