CVE-2021-40226: xpdfreader 4.03 is vulnerable to Buffer Overflow. Another famous "fixed in next release", but from over a year ago. Did this get a fix?
CVE-2023-2662 (https://forum.xpdfreader.com/viewtopic.php?t=42505): In Xpdf 4.04 (and earlier), a bad color space object in the input PDF file can cause a divide-by-zero.
(In reply to John Helmert III from comment #0) > CVE-2021-40226: > > xpdfreader 4.03 is vulnerable to Buffer Overflow. > > Another famous "fixed in next release", but from over a year ago. Did > this get a fix? Looks like it from the 4.04 changes list: "Added a missing bounds check on stream DecodeParms arrays."