Search for packages
| purl | pkg:deb/debian/evince@3.4.0-3.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-g4dd-e3cb-aaaj
Aliases: CVE-2019-11459 |
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files. |
Affected by 5 other vulnerabilities. Affected by 1 other vulnerability. Affected by 0 other vulnerabilities. |
|
VCID-j4ae-6bh9-aaak
Aliases: CVE-2013-3718 |
evince is missing a check on number of pages which can lead to a segmentation fault |
Affected by 5 other vulnerabilities. |
|
VCID-jrm1-d798-aaam
Aliases: CVE-2023-51698 |
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6. |
Affected by 1 other vulnerability. |
|
VCID-jt91-yd9q-aaab
Aliases: CVE-2019-1010006 |
Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The attack vector is: Victim must open a crafted PDF file. The issue occurs because of an incorrect integer overflow protection mechanism in tiff_document_render and tiff_document_get_thumbnail. |
Affected by 5 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-jue6-2hcd-aaas
Aliases: CVE-2017-1000083 |
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename. |
Affected by 5 other vulnerabilities. Affected by 5 other vulnerabilities. Affected by 1 other vulnerability. |
|
VCID-rj5r-1412-aaas
Aliases: CVE-2017-1000159 |
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91. |
Affected by 5 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-uc1q-57yv-aaan | Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. |
CVE-2010-2640
|
| VCID-uzn8-a6tf-aaaa | Heap-based buffer overflow in the linetoken function in afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, a different vulnerability than CVE-2010-2642. |
CVE-2011-0433
|
| VCID-y5sg-3whu-aaam | Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433. |
CVE-2011-5244
|
| VCID-ydbn-ub5q-aaap | Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer. |
CVE-2010-2642
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T18:09:07.960224+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.3 |
| 2025-06-21T18:00:11.814477+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T17:40:42.650227+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T17:05:37.119625+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T16:14:08.852446+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:59:50.340381+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:19:50.455631+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:27:00.771518+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:19:25.727756+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:02:53.147071+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:40:42.495756+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:20:50.929538+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T10:13:10.524830+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.3 |
| 2025-06-21T09:54:16.728221+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T00:33:44.474821+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | None | 36.1.3 |
| 2025-06-21T00:20:55.422636+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.1.3 |
| 2025-06-21T00:15:09.246041+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | None | 36.1.3 |
| 2025-06-20T22:19:58.272980+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | None | 36.1.3 |
| 2025-06-20T20:26:31.759872+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | None | 36.1.3 |
| 2025-06-20T20:26:18.961112+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | None | 36.1.3 |
| 2025-06-20T19:57:38.901658+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | None | 36.1.3 |
| 2025-06-20T19:48:29.497495+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | None | 36.1.3 |
| 2025-06-20T19:28:28.372068+00:00 | Debian Oval Importer | Fixing | VCID-uc1q-57yv-aaan | None | 36.1.3 |
| 2025-06-08T12:24:56.250437+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:40:35.064082+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T10:31:52.926430+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T10:14:19.324177+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:50:29.515296+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T09:01:42.478918+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:53:11.822081+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:14:24.807897+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:27:40.655123+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:43:24.343348+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:33:25.509213+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:20:27.637031+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:07:48.734856+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T04:02:07.674792+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.1.0 |
| 2025-06-08T03:43:04.456471+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T17:56:22.020595+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | None | 36.1.0 |
| 2025-06-07T17:43:51.007204+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.1.0 |
| 2025-06-07T17:38:02.465852+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | None | 36.1.0 |
| 2025-06-07T15:44:08.160054+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | None | 36.1.0 |
| 2025-06-07T14:01:14.378729+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | None | 36.1.0 |
| 2025-06-07T14:01:02.238963+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | None | 36.1.0 |
| 2025-06-07T13:47:19.316680+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | None | 36.1.0 |
| 2025-06-07T13:40:36.871338+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | None | 36.1.0 |
| 2025-06-07T13:25:54.362942+00:00 | Debian Oval Importer | Fixing | VCID-uc1q-57yv-aaan | None | 36.1.0 |
| 2025-06-03T13:25:12.000658+00:00 | Debian Oval Importer | Fixing | VCID-uc1q-57yv-aaan | None | 36.1.2 |
| 2025-04-12T22:47:52.154006+00:00 | Debian Oval Importer | Affected by | VCID-jrm1-d798-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:47:50.055510+00:00 | Debian Oval Importer | Affected by | VCID-jrm1-d798-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-12T22:40:15.161481+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:14:19.698519+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T22:07:23.431966+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:58:33.987785+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T20:06:57.388458+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T19:56:28.917083+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:11:03.556014+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:22:18.533179+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T16:13:13.911504+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-12T15:55:10.291738+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T08:22:41.725275+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:33:22.200100+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T07:24:43.156479+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:46:35.113508+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:58:53.633207+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:14:25.527452+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:03:53.039951+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:49:57.503682+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:36:26.335375+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:30:28.309314+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 | 36.0.0 |
| 2025-04-08T02:10:51.264692+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T16:33:13.654792+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | None | 36.0.0 |
| 2025-04-07T16:19:59.833712+00:00 | Debian Oval Importer | Affected by | VCID-g4dd-e3cb-aaaj | None | 36.0.0 |
| 2025-04-07T16:12:50.649396+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | None | 36.0.0 |
| 2025-04-07T14:14:54.090693+00:00 | Debian Oval Importer | Affected by | VCID-jt91-yd9q-aaab | None | 36.0.0 |
| 2025-04-07T12:35:32.233793+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | None | 36.0.0 |
| 2025-04-07T12:35:21.034241+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | None | 36.0.0 |
| 2025-04-07T12:22:24.444780+00:00 | Debian Oval Importer | Affected by | VCID-rj5r-1412-aaas | None | 36.0.0 |
| 2025-04-07T12:15:56.603106+00:00 | Debian Oval Importer | Affected by | VCID-jue6-2hcd-aaas | None | 36.0.0 |
| 2025-04-07T12:01:25.298732+00:00 | Debian Oval Importer | Fixing | VCID-uc1q-57yv-aaan | None | 36.0.0 |
| 2024-11-28T17:06:10.178889+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-28T02:40:20.290556+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-11-27T19:22:19.914488+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 35.0.0 |
| 2024-10-15T13:52:52.465945+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-14T02:58:13.971639+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T16:47:40.963005+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-13T11:56:57.115422+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.2 |
| 2024-10-05T10:14:15.410679+00:00 | Debian Oval Importer | Affected by | VCID-j4ae-6bh9-aaak | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T05:21:24.984068+00:00 | Debian Oval Importer | Fixing | VCID-y5sg-3whu-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-21T01:07:58.637375+00:00 | Debian Oval Importer | Fixing | VCID-uzn8-a6tf-aaaa | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |
| 2024-09-20T23:07:25.014230+00:00 | Debian Oval Importer | Fixing | VCID-ydbn-ub5q-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 34.0.1 |