Search for packages
| purl | pkg:deb/debian/evince@3.30.2-3%2Bdeb10u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-g4dd-e3cb-aaaj
Aliases: CVE-2019-11459 |
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g4dd-e3cb-aaaj | The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. |
CVE-2019-11459
|
| VCID-jrm1-d798-aaam | Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6. |
CVE-2023-51698
|
| VCID-jt91-yd9q-aaab | Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. |
CVE-2019-1010006
|
| VCID-jue6-2hcd-aaas | backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename. |
CVE-2017-1000083
|
| VCID-rj5r-1412-aaas | Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. |
CVE-2017-1000159
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T18:09:07.968732+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:00:11.822698+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T17:05:37.131980+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:59:50.349805+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:19:50.464136+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T02:36:02.569243+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.1.3 |
| 2025-06-21T00:20:55.430427+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | None | 36.1.3 |
| 2025-06-20T22:19:58.281801+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | None | 36.1.3 |
| 2025-06-20T21:52:43.563615+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | None | 36.1.3 |
| 2025-06-20T21:52:18.266691+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | None | 36.1.3 |
| 2025-06-08T10:40:35.070055+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:31:52.933722+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:50:29.521338+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:53:11.828846+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:14:24.814822+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T20:00:14.883907+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.1.0 |
| 2025-06-07T17:43:51.014530+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | None | 36.1.0 |
| 2025-06-07T15:44:08.167494+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | None | 36.1.0 |
| 2025-06-07T15:16:01.915723+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | None | 36.1.0 |
| 2025-06-07T15:15:36.102584+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | None | 36.1.0 |
| 2025-04-12T22:47:52.175777+00:00 | Debian Oval Importer | Fixing | VCID-jrm1-d798-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:47:50.077794+00:00 | Debian Oval Importer | Fixing | VCID-jrm1-d798-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-12T22:14:19.718409+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:07:23.451930+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:06:57.408512+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:22:18.552557+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:13:13.931195+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T08:22:41.745200+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:24:43.176420+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:46:35.132939+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T18:38:08.034462+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.0.0 |
| 2025-04-07T16:19:59.854978+00:00 | Debian Oval Importer | Fixing | VCID-g4dd-e3cb-aaaj | None | 36.0.0 |
| 2025-04-07T14:14:54.112144+00:00 | Debian Oval Importer | Fixing | VCID-jt91-yd9q-aaab | None | 36.0.0 |
| 2025-04-07T13:47:36.464771+00:00 | Debian Oval Importer | Fixing | VCID-jue6-2hcd-aaas | None | 36.0.0 |
| 2025-04-07T13:47:11.637488+00:00 | Debian Oval Importer | Fixing | VCID-rj5r-1412-aaas | None | 36.0.0 |