CVE-2019-11459
MEDIUM5.5EPSS 0.44%Published: 4/22/2019Modified: 4/28/2026
Description
The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.
Affected packages (2)
- Debian/atrilfrom 0, < 1.22.3-1
- Debian/evincefrom 0, < 3.32.0-3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N |