{"id":"CVE-2019-11459","details":"The tiff_document_render() and tiff_document_get_thumbnail() functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented(), leading to uninitialized memory use when processing certain TIFF image files.","modified":"2026-04-16T04:30:48.444476571Z","published":"2019-04-22T22:29:00.403Z","related":["ALSA-2019:3553","SUSE-SU-2019:14141-1","SUSE-SU-2019:1648-1","SUSE-SU-2019:2080-1","SUSE-SU-2019:2080-2","SUSE-SU-2019:2098-1","openSUSE-SU-2019:1667-1","openSUSE-SU-2024:10742-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YJ6R7NMY44IHIQIY24CV3WV2GLGJPQPZ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LU4YZK5S46TZAH4J3NYYUYFMOC47LJG/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3959-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2020/dsa-4624"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:3553"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00013.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/08/msg00014.html"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2020/Feb/18"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00089.html"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/evince/issues/1129"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/evince","events":[{"introduced":"0"},{"last_affected":"10da4bcec1cdd535a267e4b8e971668a47f0138b"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.32.0"}]}}],"versions":["3.1.2","3.1.90","3.1.90.1","3.10.0","3.11.1","3.11.3","3.11.90","3.11.92","3.13.3","3.13.3.1","3.13.90","3.13.91","3.13.92","3.14.0","3.14.1","3.15.4","3.15.90","3.15.92","3.16.0","3.17.1","3.17.2","3.17.3","3.17.4","3.17.92","3.18.0","3.19.92","3.2.0","3.2.1","3.20.0","3.21.3","3.21.4","3.21.92","3.22.0","3.24.0","3.25.4","3.25.91","3.25.92","3.26.0","3.27.91","3.27.92","3.28.1","3.29.1","3.29.90","3.29.91","3.29.92","3.3.2","3.3.3","3.3.3.1","3.3.4","3.3.5","3.3.90","3.3.92","3.30.0","3.31.1","3.31.2","3.31.3","3.31.4","3.31.90","3.31.91","3.32.0","3.4.0","3.5.2","3.5.3","3.5.4","3.5.5","3.5.90","3.5.92","3.6.0","3.7.1","3.7.4","3.7.5","3.7.90","3.7.92","3.8.0","3.9.2","3.9.3","3.9.4","3.9.5","3.9.90","BEFORE_GNOME_PRINT","BEFORE_NEW_UI_HANDLER_1","BEFORE_XPDF_3_MERGE","BONOBO_BEFORE_API_RENAME","ChangeLog","EAZEL-NAUTILUS-MS-AUG07","EAZEL-NAUTILUS-MS-JULY_5","EVINCE_0_1_0","EVINCE_0_1_1","EVINCE_0_1_3","EVINCE_0_1_4","EVINCE_0_1_5","EVINCE_0_1_6","EVINCE_0_1_7","EVINCE_0_1_8","EVINCE_0_1_9","EVINCE_0_2_0","EVINCE_0_2_1","EVINCE_0_3_0","EVINCE_0_3_1","EVINCE_0_3_3","EVINCE_0_4_0","EVINCE_0_5_0","EVINCE_0_5_1","EVINCE_0_5_2","EVINCE_0_5_3","EVINCE_0_5_4","EVINCE_0_5_5","EVINCE_0_6_0","EVINCE_0_6_1","EVINCE_0_7_0","EVINCE_0_7_1","EVINCE_0_7_2","EVINCE_0_8_0","EVINCE_0_8_1","EVINCE_0_9_0","EVINCE_0_9_1","EVINCE_0_9_2","EVINCE_0_9_3","EVINCE_2_19_4","EVINCE_2_19_92","EVINCE_2_20_0","EVINCE_2_21_1","EVINCE_2_21_90","EVINCE_2_21_91","EVINCE_2_22_0","EVINCE_2_22_1","EVINCE_2_22_1_1","EVINCE_2_23_4","EVINCE_2_23_5","EVINCE_2_23_91","EVINCE_2_23_92","EVINCE_2_24_0","EVINCE_2_24_1","EVINCE_2_25_1","EVINCE_2_25_2","EVINCE_2_25_4","EVINCE_2_25_5","EVINCE_2_25_90","EVINCE_2_25_91","EVINCE_2_25_92","EVINCE_2_26_0","EVINCE_2_27_1","EVINCE_2_27_3","EVINCE_2_27_4","EVINCE_2_27_90","EVINCE_2_29_1","EVINCE_2_29_2","EVINCE_2_29_3","EVINCE_2_29_4","EVINCE_2_29_5","EVINCE_2_29_91","EVINCE_2_29_92","EVINCE_2_30_0","EVINCE_2_31_1","EVINCE_2_31_2","EVINCE_2_31_3","EVINCE_2_31_4","EVINCE_2_31_4_1","EVINCE_2_31_5","EVINCE_2_31_6","EVINCE_2_31_6_1","EVINCE_2_31_90","EVINCE_2_91_0","EVINCE_2_91_1","EVINCE_2_91_2","EVINCE_2_91_3","EVINCE_2_91_4","EVINCE_2_91_5","EVINCE_2_91_6","EVINCE_2_91_90","EVINCE_2_91_92","EVINCE_2_91_93","EVINCE_3_0_0","GNOME_2_12_BRANCHPOINT","GNOME_2_14_BRANCHPOINT","GNOME_2_16_BRANCHPOINT","GNOME_2_4_ANCHOR","GNOME_2_6_ANCHOR","GNOME_2_8_ANCHOR","GPDF_0_100","GPDF_0_101","GPDF_0_102","GPDF_0_103","GPDF_0_104","GPDF_0_105","GPDF_0_106","GPDF_0_110","GPDF_0_111","GPDF_0_112","GPDF_0_112_1","GPDF_0_120","GPDF_0_121","GPDF_0_122","GPDF_0_123","GPDF_0_124","GPDF_0_125","GPDF_0_130","GPDF_0_131","GPDF_2_7_1","GPDF_2_7_2","GPDF_2_7_90","GPDF_2_7_91","GPDF_2_8_0","GPDF_2_8_1","GPDF_2_9_1","GPDF_FOR_GNOME_1_4","GPDF_MODES_ANCHOR","GPDF_OUTLINES_ANCHOR","XPDF_0_80","XPDF_1_01","XPDF_2_00","XPDF_2_01","XPDF_2_02","XPDF_2_03","XPDF_3_00","nautilus_ms_may_31","start"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11459.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"19.04"}]},{"events":[{"introduced":"0"},{"last_affected":"29"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.1"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.4"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.4"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"8.2"}]},{"events":[{"introduced":"0"},{"last_affected":"8.4"}]},{"events":[{"introduced":"0"},{"last_affected":"8.6"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]},{"events":[{"introduced":"0"},{"last_affected":"15.1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}]}