Fluid Attacks Database

Description

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	atril	>=0 <1.20.0-1	1.20.0-1
debian 11	evince	>=0 <3.25.92-1	3.25.92-1
debian 13	evince	>=0 <3.25.92-1	3.25.92-1
debian 12	evince	>=0 <3.25.92-1	3.25.92-1
debian 14	evince	>=0 <3.25.92-1	3.25.92-1
debian 14	atril	>=0 <1.20.0-1	1.20.0-1
debian 11	atril	>=0 <1.20.0-1	1.20.0-1
debian 13	atril	>=0 <1.20.0-1	1.20.0-1
rpm rhel6	evince	-	-
rpm rhel7	evince	-	-

Aliases

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.