Vendor
An arbitrary code execution vulnerability exists in BabelDOC's vendored PDF parser (`babeldoc/pdfminer/cmapdb.py`) due to insecure deserialization of untrusted pickle data, allowing an attacker to craft a PDF with a specially encoded '/Encoding' name containing an absolute path that bypasses directory restrictions, leading to deserialization and execution of a malicious '.pickle.gz' file on the local filesystem with the privileges of the BabelDOC process.