There are 2 open security issues in buster.
2 issues left for the package maintainer to handle:
An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_kids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write.
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
You can find information about how to handle these issues in the security team's documentation.