VulnerableCode Package Details - pkg:deb/debian/gv@1:3.5.8-17

Search for packages

Vulnerability	Summary	Fixed by
VCID-2ej9-sjne-9ycq Aliases: CVE-2002-1569	gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.	1:3.6.1-10sarge2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-nbvn-md4g-27cv Aliases: CVE-2010-2056	This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.	1:3.7.1-1 Affected by 0 other vulnerabilities.
VCID-vws2-991u-bycg Aliases: CVE-2006-5864	GNU gv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.	1:3.6.2-3 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-vygn-7965-vfdm Aliases: CVE-2004-1717	Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.	1:3.6.1-10sarge2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-wkcq-2876-jbd4 Aliases: CVE-2002-0838	security flaw	1:3.6.1-10sarge2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-2ej9-sjne-9ycq
Aliases:
CVE-2002-1569

gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.

1:3.6.1-10sarge2
Affected by 2 other vulnerabilities.

VCID-nbvn-md4g-27cv
Aliases:
CVE-2010-2056

This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.

1:3.7.1-1
Affected by 0 other vulnerabilities.

VCID-vws2-991u-bycg
Aliases:
CVE-2006-5864

GNU gv improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

1:3.6.2-3
Affected by 1 other vulnerability.

VCID-vygn-7965-vfdm
Aliases:
CVE-2004-1717

Multiple buffer overflows in the psscan function in ps.c for gv (ghostview) allow remote attackers to execute arbitrary code via a Postscript file with a long (1) BoundingBox, (2) comment, (3) Orientation, (4) PageOrder, or (5) Pages value.

1:3.6.1-10sarge2
Affected by 2 other vulnerabilities.

VCID-wkcq-2876-jbd4
Aliases:
CVE-2002-0838

security flaw

1:3.6.1-10sarge2
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:44:36.293552+00:00	Debian Oval Importer	Affected by	VCID-vygn-7965-vfdm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:08:55.925456+00:00	Debian Oval Importer	Affected by	VCID-vws2-991u-bycg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T20:11:36.811490+00:00	Debian Oval Importer	Affected by	VCID-2ej9-sjne-9ycq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:52:31.750261+00:00	Debian Oval Importer	Affected by	VCID-nbvn-md4g-27cv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:16:25.307666+00:00	Debian Oval Importer	Affected by	VCID-wkcq-2876-jbd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:19:17.256071+00:00	Debian Oval Importer	Affected by	VCID-vygn-7965-vfdm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:44:55.600785+00:00	Debian Oval Importer	Affected by	VCID-vws2-991u-bycg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:53:20.901985+00:00	Debian Oval Importer	Affected by	VCID-2ej9-sjne-9ycq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:38:30.161749+00:00	Debian Oval Importer	Affected by	VCID-nbvn-md4g-27cv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:03:45.503205+00:00	Debian Oval Importer	Affected by	VCID-wkcq-2876-jbd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T22:52:39.765752+00:00	Debian Oval Importer	Affected by	VCID-vygn-7965-vfdm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:19:44.766140+00:00	Debian Oval Importer	Affected by	VCID-vws2-991u-bycg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:35:32.933626+00:00	Debian Oval Importer	Affected by	VCID-2ej9-sjne-9ycq	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:25:56.319287+00:00	Debian Oval Importer	Affected by	VCID-nbvn-md4g-27cv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:56:37.060096+00:00	Debian Oval Importer	Affected by	VCID-wkcq-2876-jbd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0