The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
CVSS Score
5.5
EPSS Score
0.005
Published
2019-04-22
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-11-27