CVE-2023-26938 (https://github.com/huanglei3/xpdf_heapoverflow/edit/main/Stack_backtracking_readblock): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service viaSharedFile::readBlock located in goo/gfile.cc. CVE-2023-26930 (https://github.com/huanglei3/xpdf_aborted): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. CVE-2023-26936 (https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/gmem_copyString): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via gmalloc in gmem.cc CVE-2023-26937 (https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/Stack_backtracking_gstring): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via GString::resize located in goo/GString.cc CVE-2023-26935 (https://github.com/huanglei3/xpdf_heapoverflow): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via SharedFile::readBlock at /xpdf/Stream.cc. CVE-2023-26934 (https://github.com/huanglei3/xpdf_Stack-backtracking/blob/main/object_copy): An issue found in XPDF v.4.04 allows an attacker to cause a denial of service via a crafted pdf file in the object.cc parameter. CVE-2023-26931 (https://note.youdao.com/s/7Nkhj01p): Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the TextOutputDev.cc function. The above CVEs are advertised also with a reference to: https://gist.github.com/huanglei3/10e2a9bd07a109995b20ade306612a34 Not sure if they have been reported upstream.
