GNOME Evince 2.23.5

CPE Details

GNOME Evince 2.23.5
gnome
evince
2.23.5
2019-11-04
15h48 +00:00
2019-11-04
15h48 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:gnome:evince:2.23.5:*:*:*:*:*:*:*

Informations

Vendor

gnome

Product

evince

Version

2.23.5

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2019-11459 2019-04-22 18h26 +00:00 The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
5.5
Moyen
CVE-2017-1000159 2017-11-27 14h00 +00:00 Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
7.8
Haute
CVE-2017-1000083 2017-09-05 04h00 +00:00 backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
7.8
Haute