CVE-2019-11459

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-11459

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11459.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-11459

Related

Published

2019-04-22T22:29:00Z

Modified

2024-09-03T02:23:08.463909Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

The tiffdocumentrender() and tiffdocumentget_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.

References

Affected packages

Debian:11 / atril

Package

Name: atril
Purl: pkg:deb/debian/atril?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.3-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / atril

Package

Name: atril
Purl: pkg:deb/debian/atril?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.22.3-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:11 / evince

Package

Name: evince
Purl: pkg:deb/debian/evince?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.32.0-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / evince

Package

Name: evince
Purl: pkg:deb/debian/evince?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.32.0-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / evince

Package

Name: evince
Purl: pkg:deb/debian/evince?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.32.0-3

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/gnome/evince

Affected ranges

Type: GIT
Repo: https://github.com/gnome/evince
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

10da4bcec1cdd535a267e4b8e971668a47f0138b

Affected versions

3.*

3.1.2

3.1.90

3.1.90.1

3.10.0

3.11.1

3.11.3

3.11.90

3.11.92

3.13.3

3.13.3.1

3.13.90

3.13.91

3.13.92

3.14.0

3.14.1

3.15.4

3.15.90

3.15.92

3.16.0

3.17.1

3.17.2

3.17.3

3.17.4

3.17.92

3.18.0

3.19.92

3.2.0

3.2.1

3.20.0

3.21.3

3.21.4

3.21.92

3.22.0

3.24.0

3.25.4

3.25.91

3.25.92

3.26.0

3.27.91

3.27.92

3.28.1

3.29.1

3.29.90

3.29.91

3.29.92

3.3.2

3.3.3

3.3.3.1

3.3.4

3.3.5

3.3.90

3.3.92

3.30.0

3.31.1

3.31.2

3.31.3

3.31.4

3.31.90

3.31.91

3.32.0

3.4.0

3.5.2

3.5.3

3.5.4

3.5.5

3.5.90

3.5.92

3.6.0

3.7.1

3.7.4

3.7.5

3.7.90

3.7.92

3.8.0

3.9.2

3.9.3

3.9.4

3.9.5

3.9.90

Other

BEFORE_GNOME_PRINT

BEFORE_NEW_UI_HANDLER_1

BEFORE_XPDF_3_MERGE

BONOBO_BEFORE_API_RENAME

ChangeLog

EAZEL-NAUTILUS-MS-AUG07

EAZEL-NAUTILUS-MS-JULY_5

EVINCE_0_1_0

EVINCE_0_1_1

EVINCE_0_1_3

EVINCE_0_1_4

EVINCE_0_1_5

EVINCE_0_1_6

EVINCE_0_1_7

EVINCE_0_1_8

EVINCE_0_1_9

EVINCE_0_2_0

EVINCE_0_2_1

EVINCE_0_3_0

EVINCE_0_3_1

EVINCE_0_3_3

EVINCE_0_4_0

EVINCE_0_5_0

EVINCE_0_5_1

EVINCE_0_5_2

EVINCE_0_5_3

EVINCE_0_5_4

EVINCE_0_5_5

EVINCE_0_6_0

EVINCE_0_6_1

EVINCE_0_7_0

EVINCE_0_7_1

EVINCE_0_7_2

EVINCE_0_8_0

EVINCE_0_8_1

EVINCE_0_9_0

EVINCE_0_9_1

EVINCE_0_9_2

EVINCE_0_9_3

EVINCE_2_19_4

EVINCE_2_19_92

EVINCE_2_20_0

EVINCE_2_21_1

EVINCE_2_21_90

EVINCE_2_21_91

EVINCE_2_22_0

EVINCE_2_22_1

EVINCE_2_22_1_1

EVINCE_2_23_4

EVINCE_2_23_5

EVINCE_2_23_91

EVINCE_2_23_92

EVINCE_2_24_0

EVINCE_2_24_1

EVINCE_2_25_1

EVINCE_2_25_2

EVINCE_2_25_4

EVINCE_2_25_5

EVINCE_2_25_90

EVINCE_2_25_91

EVINCE_2_25_92

EVINCE_2_26_0

EVINCE_2_27_1

EVINCE_2_27_3

EVINCE_2_27_4

EVINCE_2_27_90

EVINCE_2_29_1

EVINCE_2_29_2

EVINCE_2_29_3

EVINCE_2_29_4

EVINCE_2_29_5

EVINCE_2_29_91

EVINCE_2_29_92

EVINCE_2_30_0

EVINCE_2_31_1

EVINCE_2_31_2

EVINCE_2_31_3

EVINCE_2_31_4

EVINCE_2_31_4_1

EVINCE_2_31_5

EVINCE_2_31_6

EVINCE_2_31_6_1

EVINCE_2_31_90

EVINCE_2_91_0

EVINCE_2_91_1

EVINCE_2_91_2

EVINCE_2_91_3

EVINCE_2_91_4

EVINCE_2_91_5

EVINCE_2_91_6

EVINCE_2_91_90

EVINCE_2_91_92

EVINCE_2_91_93

EVINCE_3_0_0

GNOME_2_12_BRANCHPOINT

GNOME_2_14_BRANCHPOINT

GNOME_2_16_BRANCHPOINT

GNOME_2_4_ANCHOR

GNOME_2_6_ANCHOR

GNOME_2_8_ANCHOR

GPDF_0_100

GPDF_0_101

GPDF_0_102

GPDF_0_103

GPDF_0_104

GPDF_0_105

GPDF_0_106

GPDF_0_110

GPDF_0_111

GPDF_0_112

GPDF_0_112_1

GPDF_0_120

GPDF_0_121

GPDF_0_122

GPDF_0_123

GPDF_0_124

GPDF_0_125

GPDF_0_130

GPDF_0_131

GPDF_2_7_1

GPDF_2_7_2

GPDF_2_7_90

GPDF_2_7_91

GPDF_2_8_0

GPDF_2_8_1

GPDF_2_9_1

GPDF_FOR_GNOME_1_4

GPDF_MODES_ANCHOR

GPDF_OUTLINES_ANCHOR

XPDF_0_80

XPDF_1_01

XPDF_2_00

XPDF_2_01

XPDF_2_02

XPDF_2_03

XPDF_3_00

nautilus_ms_may_31

start