CVE-2022-48545
https://notcve.org/view.php?id=CVE-2022-48545
An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02. • https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092 • CWE-674: Uncontrolled Recursion •
CVE-2023-3436 – Deadlock in Xpdf 4.04 due to PDF object stream references
https://notcve.org/view.php?id=CVE-2023-3436
Xpdf 4.04 will deadlock on a PDF object stream whose "Length" field is itself in another object stream. • https://forum.xpdfreader.com/viewtopic.php?t=42618 • CWE-667: Improper Locking CWE-833: Deadlock •
CVE-2023-3044 – Divide-by-zero in Xpdf 4.04 due to very large page size
https://notcve.org/view.php?id=CVE-2023-3044
An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code. This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate. • https://github.com/baker221/poc-xpdf https://www.xpdfreader.com/security-bug/CVE-2023-3044.html • CWE-369: Divide By Zero •
CVE-2023-2664 – Stack overflow in Xpdf 4.04 due to object loop in PDF embedded file tree
https://notcve.org/view.php?id=CVE-2023-2664
In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. • https://forum.xpdfreader.com/viewtopic.php?t=42422 • CWE-674: Uncontrolled Recursion •
CVE-2023-2663 – Stack overflow in Xpdf 4.04 due to object loop in PDF page label tree
https://notcve.org/view.php?id=CVE-2023-2663
In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow. • https://forum.xpdfreader.com/viewtopic.php?t=42421 • CWE-674: Uncontrolled Recursion •