Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/evince@43.1-2?distro=trixie

Type deb

Namespace debian

Name evince

Version 43.1-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 43.1-2+deb12u1

Latest_non_vulnerable_version 49~alpha.1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2p7e-5bb9-9bc8

vulnerability_id VCID-2p7e-5bb9-9bc8

summary

GNU gv improperly handles user-supplied data possibly allowing for the
    execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5864.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5864.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2006-5864

reference_id

reference_type

scores

value	0.30732
scoring_system	epss
scoring_elements	0.96839
published_at	2026-06-11T12:55:00Z

value	0.30732
scoring_system	epss
scoring_elements	0.9685
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2006-5864

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5864

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=217672
reference_id	217672
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=217672

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398292
reference_id	398292
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398292

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400904
reference_id	400904
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400904

reference_url	https://security.gentoo.org/glsa/200611-20
reference_id	GLSA-200611-20
reference_type
scores
url	https://security.gentoo.org/glsa/200611-20

reference_url	https://security.gentoo.org/glsa/200703-24
reference_id	GLSA-200703-24
reference_type
scores
url	https://security.gentoo.org/glsa/200703-24

reference_url	https://security.gentoo.org/glsa/200704-06
reference_id	GLSA-200704-06
reference_type
scores
url	https://security.gentoo.org/glsa/200704-06

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/2858.c
reference_id	OSVDB-30274;CVE-2006-5864
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/2858.c

reference_url	https://usn.ubuntu.com/390-1/
reference_id	USN-390-1
reference_type
scores
url	https://usn.ubuntu.com/390-1/

reference_url	https://usn.ubuntu.com/390-2/
reference_id	USN-390-2
reference_type
scores
url	https://usn.ubuntu.com/390-2/

reference_url	https://usn.ubuntu.com/390-3/
reference_id	USN-390-3
reference_type
scores
url	https://usn.ubuntu.com/390-3/

fixed_packages

url	pkg:deb/debian/evince@0.4.0-3?distro=trixie
purl	pkg:deb/debian/evince@0.4.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@0.4.0-3%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2006-5864

risk_score 0.6

exploitability 2.0

weighted_severity 0.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2p7e-5bb9-9bc8

url VCID-3e59-e4p7-3bgc

vulnerability_id VCID-3e59-e4p7-3bgc

summary Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-51698

reference_id

reference_type

scores

value	0.02007
scoring_system	epss
scoring_elements	0.84064
published_at	2026-06-11T12:55:00Z

value	0.02007
scoring_system	epss
scoring_elements	0.84121
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-51698

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51698
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51698

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060751
reference_id	1060751
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060751

reference_url

https://github.com/mate-desktop/atril/commit/ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed

reference_id

ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-23T21:42:27Z/

url

https://github.com/mate-desktop/atril/commit/ce41df6467521ff9fd4f16514ae7d6ebb62eb1ed

reference_url

https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2

reference_id

GHSA-34rr-j8v9-v4p2

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-23T21:42:27Z/

url

https://github.com/mate-desktop/atril/security/advisories/GHSA-34rr-j8v9-v4p2

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT3UIQOSZ6UNH5QTFOOY2DJ4MITM2C2C/

reference_id

OT3UIQOSZ6UNH5QTFOOY2DJ4MITM2C2C

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-23T21:42:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT3UIQOSZ6UNH5QTFOOY2DJ4MITM2C2C/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZKXNZ3HGH6KH65OEKVCEAOZJWNZ32FQ/

reference_id

OZKXNZ3HGH6KH65OEKVCEAOZJWNZ32FQ

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-01-23T21:42:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OZKXNZ3HGH6KH65OEKVCEAOZJWNZ32FQ/

reference_url	https://usn.ubuntu.com/7274-1/
reference_id	USN-7274-1
reference_type
scores
url	https://usn.ubuntu.com/7274-1/

fixed_packages

url	pkg:deb/debian/evince@3.25.92-1?distro=trixie
purl	pkg:deb/debian/evince@3.25.92-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.25.92-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2023-51698

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3e59-e4p7-3bgc

url VCID-6esp-3nmg-8qe2

vulnerability_id VCID-6esp-3nmg-8qe2

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11459.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11459.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-11459

reference_id

reference_type

scores

value	0.00438
scoring_system	epss
scoring_elements	0.6353
published_at	2026-06-11T12:55:00Z

value	0.00438
scoring_system	epss
scoring_elements	0.63632
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-11459

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1716295
reference_id	1716295
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1716295

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927820
reference_id	927820
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927820

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927821
reference_id	927821
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927821

reference_url	https://access.redhat.com/errata/RHSA-2019:3553
reference_id	RHSA-2019:3553
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3553

reference_url	https://access.redhat.com/errata/RHSA-2020:1074
reference_id	RHSA-2020:1074
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1074

reference_url	https://usn.ubuntu.com/3959-1/
reference_id	USN-3959-1
reference_type
scores
url	https://usn.ubuntu.com/3959-1/

reference_url	https://usn.ubuntu.com/7274-1/
reference_id	USN-7274-1
reference_type
scores
url	https://usn.ubuntu.com/7274-1/

fixed_packages

url	pkg:deb/debian/evince@3.32.0-3?distro=trixie
purl	pkg:deb/debian/evince@3.32.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.32.0-3%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2019-11459

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6esp-3nmg-8qe2

url VCID-7yet-4e16-9kdu

vulnerability_id VCID-7yet-4e16-9kdu

summary

Multiple vulnerabilities have been found in Evince, allowing remote
    attackers to execute arbitrary code or cause a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2641.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2641.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2641

reference_id

reference_type

scores

value	0.08161
scoring_system	epss
scoring_elements	0.92371
published_at	2026-06-11T12:55:00Z

value	0.08161
scoring_system	epss
scoring_elements	0.92397
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2641

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2641

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534
reference_id	609534
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=666314
reference_id	666314
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=666314

reference_url	https://security.gentoo.org/glsa/201111-10
reference_id	GLSA-201111-10
reference_type
scores
url	https://security.gentoo.org/glsa/201111-10

reference_url	https://access.redhat.com/errata/RHSA-2011:0009
reference_id	RHSA-2011:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0009

reference_url	https://usn.ubuntu.com/1035-1/
reference_id	USN-1035-1
reference_type
scores
url	https://usn.ubuntu.com/1035-1/

fixed_packages

url	pkg:deb/debian/evince@2.30.3-2?distro=trixie
purl	pkg:deb/debian/evince@2.30.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@2.30.3-2%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2010-2641

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7yet-4e16-9kdu

url VCID-ansd-4t24-87d4

vulnerability_id VCID-ansd-4t24-87d4

summary

Multiple vulnerabilities have been found in Evince, allowing remote
    attackers to execute arbitrary code or cause a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2640.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2640.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2640

reference_id

reference_type

scores

value	0.08161
scoring_system	epss
scoring_elements	0.92371
published_at	2026-06-11T12:55:00Z

value	0.08161
scoring_system	epss
scoring_elements	0.92397
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2640

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2640

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534
reference_id	609534
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=666313
reference_id	666313
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=666313

reference_url	https://security.gentoo.org/glsa/201111-10
reference_id	GLSA-201111-10
reference_type
scores
url	https://security.gentoo.org/glsa/201111-10

reference_url	https://access.redhat.com/errata/RHSA-2011:0009
reference_id	RHSA-2011:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0009

reference_url	https://usn.ubuntu.com/1035-1/
reference_id	USN-1035-1
reference_type
scores
url	https://usn.ubuntu.com/1035-1/

fixed_packages

url	pkg:deb/debian/evince@2.30.3-2?distro=trixie
purl	pkg:deb/debian/evince@2.30.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@2.30.3-2%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2010-2640

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ansd-4t24-87d4

url VCID-efxk-auev-43cy

vulnerability_id VCID-efxk-auev-43cy

summary

Multiple vulnerabilities have been discovered in T1Lib, the worst
    of which could lead to remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5244.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5244.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-5244

reference_id

reference_type

scores

value	0.01775
scoring_system	epss
scoring_elements	0.83084
published_at	2026-06-11T12:55:00Z

value	0.01775
scoring_system	epss
scoring_elements	0.83146
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-5244

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5244
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5244

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=878483
reference_id	878483
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=878483

reference_url	https://security.gentoo.org/glsa/201701-57
reference_id	GLSA-201701-57
reference_type
scores
url	https://security.gentoo.org/glsa/201701-57

fixed_packages

url	pkg:deb/debian/evince@2.32.0-1?distro=trixie
purl	pkg:deb/debian/evince@2.32.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@2.32.0-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2011-5244

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-efxk-auev-43cy

url VCID-hx58-y3ka-gqfu

vulnerability_id VCID-hx58-y3ka-gqfu

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000159.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000159.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000159

reference_id

reference_type

scores

value	0.00359
scoring_system	epss
scoring_elements	0.58456
published_at	2026-06-11T12:55:00Z

value	0.00359
scoring_system	epss
scoring_elements	0.58568
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:P/I:P/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1521210
reference_id	1521210
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1521210

reference_url	https://security.gentoo.org/glsa/201804-15
reference_id	GLSA-201804-15
reference_type
scores
url	https://security.gentoo.org/glsa/201804-15

reference_url	https://usn.ubuntu.com/3503-1/
reference_id	USN-3503-1
reference_type
scores
url	https://usn.ubuntu.com/3503-1/

fixed_packages

url	pkg:deb/debian/evince@3.25.92-1?distro=trixie
purl	pkg:deb/debian/evince@3.25.92-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.25.92-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2017-1000159

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hx58-y3ka-gqfu

url VCID-r4jh-5rv3-6ybm

vulnerability_id VCID-r4jh-5rv3-6ybm

summary

Multiple vulnerabilities have been discovered in T1Lib, the worst
    of which could lead to remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0433.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0433.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-0433

reference_id

reference_type

scores

value	0.02435
scoring_system	epss
scoring_elements	0.8549
published_at	2026-06-11T12:55:00Z

value	0.02435
scoring_system	epss
scoring_elements	0.85541
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-0433

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0433

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614668
reference_id	614668
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614668

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=679732
reference_id	679732
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=679732

reference_url	https://security.gentoo.org/glsa/201701-57
reference_id	GLSA-201701-57
reference_type
scores
url	https://security.gentoo.org/glsa/201701-57

reference_url	https://access.redhat.com/errata/RHSA-2012:0062
reference_id	RHSA-2012:0062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0062

reference_url	https://access.redhat.com/errata/RHSA-2012:0137
reference_id	RHSA-2012:0137
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0137

reference_url	https://access.redhat.com/errata/RHSA-2012:1201
reference_id	RHSA-2012:1201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1201

reference_url	https://usn.ubuntu.com/1335-1/
reference_id	USN-1335-1
reference_type
scores
url	https://usn.ubuntu.com/1335-1/

reference_url	https://usn.ubuntu.com/1347-1/
reference_id	USN-1347-1
reference_type
scores
url	https://usn.ubuntu.com/1347-1/

fixed_packages

url	pkg:deb/debian/evince@2.32.0-1?distro=trixie
purl	pkg:deb/debian/evince@2.32.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@2.32.0-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2011-0433

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r4jh-5rv3-6ybm

url VCID-re8f-ufnm-sfft

vulnerability_id VCID-re8f-ufnm-sfft

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46529.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-46529.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-46529

reference_id

reference_type

scores

value	0.00131
scoring_system	epss
scoring_elements	0.32416
published_at	2026-06-12T12:55:00Z

value	0.00131
scoring_system	epss
scoring_elements	0.32234
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-46529

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-46529
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-46529

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139874
reference_id	1139874
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1139874

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2487669
reference_id	2487669
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2487669

reference_url

https://github.com/mate-desktop/atril/security/advisories/GHSA-vgv2-m826-8f6f

reference_id

GHSA-vgv2-m826-8f6f

reference_type

scores

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-12T12:30:30Z/

url

https://github.com/mate-desktop/atril/security/advisories/GHSA-vgv2-m826-8f6f

reference_url	https://usn.ubuntu.com/8295-1/
reference_id	USN-8295-1
reference_type
scores
url	https://usn.ubuntu.com/8295-1/

reference_url	https://usn.ubuntu.com/8321-1/
reference_id	USN-8321-1
reference_type
scores
url	https://usn.ubuntu.com/8321-1/

reference_url

https://github.com/mate-desktop/atril/releases/tag/v1.26.3

reference_id

v1.26.3

reference_type

scores

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-12T12:30:30Z/

url

https://github.com/mate-desktop/atril/releases/tag/v1.26.3

reference_url

https://github.com/mate-desktop/atril/releases/tag/v1.28.4

reference_id

v1.28.4

reference_type

scores

value	8.4
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-06-12T12:30:30Z/

url

https://github.com/mate-desktop/atril/releases/tag/v1.28.4

fixed_packages

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/evince@43.1-2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/evince@48.1-3%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha-3?distro=trixie
purl	pkg:deb/debian/evince@49~alpha-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2026-46529

risk_score 3.8

exploitability 0.5

weighted_severity 7.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re8f-ufnm-sfft

url VCID-suqp-bz7b-aka6

vulnerability_id VCID-suqp-bz7b-aka6

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000083.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000083.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000083

reference_id

reference_type

scores

value	0.76136
scoring_system	epss
scoring_elements	0.98944
published_at	2026-06-11T12:55:00Z

value	0.76136
scoring_system	epss
scoring_elements	0.98948
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000083

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000083
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000083

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	6.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1468488
reference_id	1468488
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1468488

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868500
reference_id	868500
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868500

reference_url	https://security.archlinux.org/ASA-201707-14
reference_id	ASA-201707-14
reference_type
scores
url	https://security.archlinux.org/ASA-201707-14

reference_url

https://security.archlinux.org/AVG-348

reference_id

AVG-348

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-348

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45824.txt
reference_id	CVE-2017-1000083
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45824.txt

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46341.rb
reference_id	CVE-2017-1000083
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46341.rb

reference_url	https://raw.githubusercontent.com/rapid7/metasploit-framework/0dbad5d2e3c9e9c4cfb6203b99a2b437b18a0105/modules/exploits/multi/fileformat/evince_cbt_cmd_injection.rb
reference_id	CVE-2017-1000083
reference_type	exploit
scores
url	https://raw.githubusercontent.com/rapid7/metasploit-framework/0dbad5d2e3c9e9c4cfb6203b99a2b437b18a0105/modules/exploits/multi/fileformat/evince_cbt_cmd_injection.rb

reference_url	https://access.redhat.com/errata/RHSA-2017:2388
reference_id	RHSA-2017:2388
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2388

reference_url	https://usn.ubuntu.com/3351-1/
reference_id	USN-3351-1
reference_type
scores
url	https://usn.ubuntu.com/3351-1/

fixed_packages

url	pkg:deb/debian/evince@3.22.1-4?distro=trixie
purl	pkg:deb/debian/evince@3.22.1-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.22.1-4%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2017-1000083

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-suqp-bz7b-aka6

url VCID-xyff-4j63-qqhf

vulnerability_id VCID-xyff-4j63-qqhf

summary evince is missing a check on number of pages which can lead to a segmentation fault

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3718.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3718.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-3718

reference_id

reference_type

scores

value	0.00518
scoring_system	epss
scoring_elements	0.67175
published_at	2026-06-11T12:55:00Z

value	0.00518
scoring_system	epss
scoring_elements	0.67267
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-3718

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3718
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3718

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1365025
reference_id	1365025
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1365025

fixed_packages

url	pkg:deb/debian/evince@3.10.0-1?distro=trixie
purl	pkg:deb/debian/evince@3.10.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.10.0-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2013-3718

risk_score 1.5

exploitability 0.5

weighted_severity 3.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xyff-4j63-qqhf

url VCID-ya65-e9eu-rqb2

vulnerability_id VCID-ya65-e9eu-rqb2

summary

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010006.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1010006.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1010006

reference_id

reference_type

scores

value	0.00417
scoring_system	epss
scoring_elements	0.62175
published_at	2026-06-11T12:55:00Z

value	0.00417
scoring_system	epss
scoring_elements	0.62277
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1010006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1730582
reference_id	1730582
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1730582

reference_url	https://usn.ubuntu.com/4067-1/
reference_id	USN-4067-1
reference_type
scores
url	https://usn.ubuntu.com/4067-1/

reference_url	https://usn.ubuntu.com/7274-1/
reference_id	USN-7274-1
reference_type
scores
url	https://usn.ubuntu.com/7274-1/

fixed_packages

url	pkg:deb/debian/evince@3.27.92-1?distro=trixie
purl	pkg:deb/debian/evince@3.27.92-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.27.92-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2019-1010006

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya65-e9eu-rqb2

url VCID-zccz-kauy-sqe2

vulnerability_id VCID-zccz-kauy-sqe2

summary

Multiple vulnerabilities have been found in Evince, allowing remote
    attackers to execute arbitrary code or cause a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2643.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2643.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2643

reference_id

reference_type

scores

value	0.07841
scoring_system	epss
scoring_elements	0.9218
published_at	2026-06-11T12:55:00Z

value	0.07841
scoring_system	epss
scoring_elements	0.92207
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2643

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2643

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534
reference_id	609534
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=666321
reference_id	666321
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=666321

reference_url	https://security.gentoo.org/glsa/201111-10
reference_id	GLSA-201111-10
reference_type
scores
url	https://security.gentoo.org/glsa/201111-10

reference_url	https://access.redhat.com/errata/RHSA-2011:0009
reference_id	RHSA-2011:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0009

reference_url	https://usn.ubuntu.com/1035-1/
reference_id	USN-1035-1
reference_type
scores
url	https://usn.ubuntu.com/1035-1/

fixed_packages

url	pkg:deb/debian/evince@2.30.3-2?distro=trixie
purl	pkg:deb/debian/evince@2.30.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@2.30.3-2%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2010-2643

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zccz-kauy-sqe2

url VCID-znj3-njcg-3bh8

vulnerability_id VCID-znj3-njcg-3bh8

summary

Multiple vulnerabilities have been discovered in T1Lib, the worst
    of which could lead to remote execution of arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2642.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2642.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2642

reference_id

reference_type

scores

value	0.19372
scoring_system	epss
scoring_elements	0.95523
published_at	2026-06-11T12:55:00Z

value	0.19372
scoring_system	epss
scoring_elements	0.95537
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2642

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2642

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534
reference_id	609534
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609534

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=666318
reference_id	666318
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=666318

reference_url	https://security.gentoo.org/glsa/201111-10
reference_id	GLSA-201111-10
reference_type
scores
url	https://security.gentoo.org/glsa/201111-10

reference_url	https://security.gentoo.org/glsa/201701-57
reference_id	GLSA-201701-57
reference_type
scores
url	https://security.gentoo.org/glsa/201701-57

reference_url	https://access.redhat.com/errata/RHSA-2011:0009
reference_id	RHSA-2011:0009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2011:0009

reference_url	https://access.redhat.com/errata/RHSA-2012:0062
reference_id	RHSA-2012:0062
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0062

reference_url	https://access.redhat.com/errata/RHSA-2012:0137
reference_id	RHSA-2012:0137
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0137

reference_url	https://access.redhat.com/errata/RHSA-2012:1201
reference_id	RHSA-2012:1201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:1201

reference_url	https://usn.ubuntu.com/1035-1/
reference_id	USN-1035-1
reference_type
scores
url	https://usn.ubuntu.com/1035-1/

reference_url	https://usn.ubuntu.com/1335-1/
reference_id	USN-1335-1
reference_type
scores
url	https://usn.ubuntu.com/1335-1/

fixed_packages

url	pkg:deb/debian/evince@3.0.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.0.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.0.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@3.38.2-1?distro=trixie
purl	pkg:deb/debian/evince@3.38.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@3.38.2-1%3Fdistro=trixie

url	pkg:deb/debian/evince@43.1-2?distro=trixie
purl	pkg:deb/debian/evince@43.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

url	pkg:deb/debian/evince@48.1-3?distro=trixie
purl	pkg:deb/debian/evince@48.1-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@48.1-3%3Fdistro=trixie

url	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
purl	pkg:deb/debian/evince@49~alpha.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@49~alpha.1-1%3Fdistro=trixie

aliases CVE-2010-2642

risk_score 0.1

exploitability 0.5

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znj3-njcg-3bh8

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/evince@43.1-2%3Fdistro=trixie

Package Instance