CVE-2025-64512
Published: 10 November 2025
Description
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()` function in pdfminer.six uses `pickle.loads()` to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six distribution stored in the `cmap/` directory, but a malicious PDF can specify an alternative directory and filename as long as the filename ends in `.pickle.gz`. A malicious, zipped pickle file can then contain code which will automatically execute when the PDF is processed. Version 20251107 fixes the issue.
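As an added defensive example, not code from pdfminer.six or from the advisory: a hypothetical loader that confines the requested CMap name to the trusted `cmap/` directory and refuses any pickle that references a class or function, so a name supplied by a PDF can neither escape the directory nor trigger code on load. The `load_cmap` name, the fixture files and the dict layout of the benign CMap are assumptions.

```python
import collections
import gzip
import pickle
import tempfile
from pathlib import Path


class _NoGlobalsUnpickler(pickle.Unpickler):
    """Refuses every global lookup, so only plain data (dicts, lists, tuples,
    ints, strings, bytes, bools) can be reconstructed; no class or function."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def load_cmap(cmap_dir, name):
    """Load <cmap_dir>/<name>.pickle.gz; reject names that resolve outside
    cmap_dir ('../x', 'sub/x', '/tmp/x') and pickles referencing any global."""
    base = Path(cmap_dir).resolve()
    target = (base / (name + ".pickle.gz")).resolve()
    if target.parent != base:  # must be a direct child of the trusted directory
        raise ValueError(f"CMap name {name!r} escapes {base}")
    with gzip.open(target, "rb") as fp:
        return _NoGlobalsUnpickler(fp).load()


def demo():
    """Constructed fixture: one benign CMap pickle (plain dict, layout assumed)
    and one pickle carrying a class reference. Returns which checks held."""
    with tempfile.TemporaryDirectory() as tmp:
        cmap_dir = Path(tmp) / "cmap"
        cmap_dir.mkdir()
        benign = {"IS_VERTICAL": False, "CODE2CID": {0x0041: 34}}
        with gzip.open(cmap_dir / "Good-H.pickle.gz", "wb") as fp:
            pickle.dump(benign, fp)
        with gzip.open(cmap_dir / "Bad-H.pickle.gz", "wb") as fp:
            pickle.dump(collections.OrderedDict(), fp)  # needs a GLOBAL lookup
        results = {"benign": load_cmap(cmap_dir, "Good-H") == benign}
        try:
            load_cmap(cmap_dir, "Bad-H")
            results["global_rejected"] = False
        except pickle.UnpicklingError:
            results["global_rejected"] = True
        try:
            load_cmap(cmap_dir, "../Good-H")
            results["traversal_rejected"] = False
        except ValueError:
            results["traversal_rejected"] = True
        return results
```

The path check alone would have blocked the directory escape the advisory describes; the restricted unpickler is the second layer, for the case where a trusted-looking file is itself tampered with.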
Mitigating Controls (NIST 800-53 r5) (AI-generated)
- SI-2, Flaw Remediation: directly mandates timely remediation of the deserialization flaw by upgrading pdfminer.six from versions prior to 20251107, preventing arbitrary code execution from malicious PDFs.
- RA-5, Vulnerability Monitoring and Scanning: vulnerability scanning detects an outdated pdfminer.six that is vulnerable to PDF-directed pickle deserialization and triggers remediation.
- SI-3, Malicious Code Protection: malicious code protection at system entry points detects and eradicates code executed from malicious pickle files during PDF processing.
Security Summary (AI-generated)
CVE-2025-64512 is a deserialization vulnerability (CWE-502) in pdfminer.six, a community-maintained fork of the original PDFMiner tool for extracting information from PDF documents. In versions prior to 20251107, the CMapDB._load_data() function uses pickle.loads() to deserialize pickle files intended to be from the cmap/ directory within the pdfminer.six distribution. However, a malicious PDF can specify an alternative directory and filename ending in .pickle.gz, causing the tool to load and execute arbitrary code from a malicious, zipped pickle file during PDF processing.
The vulnerability has a CVSS v3.1 base score of 8.6 (AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). Exploitation requires local access and user interaction, such as a victim running pdfminer.six on a specially crafted PDF file, with low complexity and no privileges needed. Successful exploitation allows arbitrary code execution with high impacts on confidentiality, integrity, and availability, and changes the scope to affect the entire system.
Mitigation is provided by upgrading to pdfminer.six version 20251107, which addresses the issue. The GitHub security advisory (GHSA-wf5f-4jwr-ppcp), fixing commit (b808ee05dd7f0c8ea8ec34bdf394d40e63501086), and release page detail the patch. Debian LTS announcements confirm updates for affected packages in their repositories.
Details
- CWE(s): CWE-502 (Deserialization of Untrusted Data)
- Affected Products: pdfminer.six, versions prior to 20251107
MITRE ATT&CK Enterprise Techniques (AI-generated)
Why these techniques?
The deserialization flaw lets a malicious PDF achieve arbitrary code execution by exploiting a client-side PDF processing tool, pdfminer.six, when it handles the file.