[SECURITY] Fedora 43 Update: evince-48.1-2.fc43

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

MAL-2026-3404 Malicious code in @matjp/dvi-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 285904d13f5d698c3c33461fe969265ca73c3041db80eabe5637c1ebd3f3ca9b The package @matjp/dvi-decode was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in @matjp/dvi-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 285904d13f5d698c3c33461fe969265ca73c3041db80eabe5637c1ebd3f3ca9b The package @matjp/dvi-decode was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2011-0458

Malware in sbrugna...

EUVD-2010-0765

Malware in sbrugna...

EUVD-2010-2647

Malware in sbrugna...

EUVD-2010-2645

Malware in sbrugna...

EUVD-2001-0983

Malware in sbrugna...

EUVD-2010-2644

Malware in sbrugna...

EUVD-2017-7339

Malware in sbrugna...

EUVD-2010-1468

Malware in sbrugna...

EUVD-2007-5905

Malware in sbrugna...

EUVD-2019-6516

Malware in sbrugna...

EUVD-2001-0889

Malware in sbrugna...

Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.

...

Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier, teTeX 3.0, t1lib 5.1.2, and possibly other products allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer.

...

Linux Distros Unpatched Vulnerability : CVE-2017-15922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Libextractor 1.4, there is an out-of-bounds read in the EXTRACTORdviextractmethod function in plugins/dviextractor.c. CVE-2017-15922 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2019-15531

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libextractor through 1.9 has a heap-based buffer over-read in the function EXTRACTORdviextractmethod in plugins/dviextractor.c. CVE-2019-15531 Note that...

Fedora: Security Advisory for atril (FEDORA-2024-59a7d96d84)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: atril-1.26.2-2.fc38

Mate-document-viewer is simple document viewer. It can display and print Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS, DVI, DJVU, epub and XPS files. When supported by the document format, mate-document-viewer allows searching for text, copying text to the clipboard,...