CVE-2022-41842 An issue was discovered in Xpdf 4.04. There is a crash in gfseek(_IO_FILE*, long, int) in goo/gfile.cc. http://www.xpdfreader.com/download.html https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928 CVE-2022-41843 An issue was discovered in Xpdf 4.04. There is a crash in convertToType0 in fofi/FoFiType1C.cc, a different vulnerability than CVE-2022-38928. https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421 https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344 CVE-2022-41844 An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vulnerability than CVE-2018-16369 and CVE-2019-16088. https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844 http://www.xpdfreader.com/download.html https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928
Created xpdf tracking bugs for this issue: Affects: epel-7 [bug 2131373] Affects: fedora-all [bug 2131372]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.