20 matches found
Important: Red Hat Security Advisory: evince security update
An update for evince is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
AlmaLinux 8 : evince (ALSA-2026:28998)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28998 advisory. atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen CVE-2026-46529 Tenable has extracted the preceding...
RockyLinux 8 : evince (RLSA-2026:28998)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:28998 advisory. atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen CVE-2026-46529 Tenable has extracted the preceding...
RockyLinux 9 : evince (RLSA-2026:27819)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:27819 advisory. atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen CVE-2026-46529 Tenable has extracted the preceding...
RHEL 9 : evince (RHSA-2026:27819)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:27819 advisory. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files,...
Amazon Linux 2 : evince, --advisory ALAS2-2026-3354 (ALAS-2026-3354)
The version of evince installed on the remote host is prior to 3.28.2-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3354 advisory. CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of shell-like input in...
SUSE-SU-2026:22182-1 Security update for papers
This update for papers fixes the following issues Security issue: - CVE-2026-46529: command injection bsc1265880. Changes for papers: - Update to version 48.10 bsc1265880: - Update to version 48.9 jscPED-15957, bsc1261947: - Bug fixes: - Saved image files are empty - Print dialog says "Manage...
DEBIAN-CVE-2026-46529
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...
CVE-2026-46529 PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...
Amazon Linux 2 : atril, --advisory ALAS2MATE-DESKTOP1.X-2026-011 (ALASMATE-DESKTOP1.X-2026-011)
The version of atril installed on the remote host is prior to 1.20.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2MATE-DESKTOP1.X-2026-011 advisory. CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of...
Important: atril
Issue Overview: CVE-2026-46529 is a command injection vulnerability in Evince, Atril, and Xreader caused by missing quoting of shell-like input in evspawn in ev-application.c. CVE-2026-46529 Affected Packages: atril Note: This advisory is applicable to Amazon Linux 2 - Mate-desktop1.x Extra. Visi...
Security update for evince
This update for evince fixes the following issue CVE-2026-46529: Evince/Atril/Xreader command injection bsc1265880. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...
SUSE-SU-2026:2288-1 Security update for evince
This update for evince fixes the following issue - CVE-2026-46529: Evince/Atril/Xreader command injection bsc1265880...
openSUSE 16 Security Update : evince (openSUSE-SU-2026:20850-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20850-1 advisory. Changes in evince: - Update to version 48.2 bsc1265880 CVE-2026-46529: - shell: Quote strings in arguments used when calling evspawn - Update to version...
OPENSUSE-SU-2026:20850-1 Security update for evince
This update for evince fixes the following issues: Changes in evince: - Update to version 48.2 bsc1265880 CVE-2026-46529: + shell: Quote strings in arguments used when calling evspawn - Update to version 48.1+6: + build: bump DjVuLibre version required + libview: Fix crash in the accessible code...
Fedora 42 : evince (2026-49dc95b509)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-49dc95b509 advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
libppsdocument4_0-6-50.1-2.1 on GA media (moderate)
libppsdocument40-6-50.1-2.1 on GA media Announcement ID: openSUSE-SU-2026:10853-1 Rating: moderate Cross-References: CVE-2026-46529 CVSS scores: CVE-2026-46529 SUSE : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2026-46529 SUSE : 7.5...
SUSE CVE-2026-46529
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside...
Fedora 44 : evince (2026-aea94fcc1c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-aea94fcc1c advisory. Fix command injection CVE-2026-46529 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Linux Distros Unpatched Vulnerability : CVE-2026-46529
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single- click remote code execution vulnerability in versions...