Описание
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | code not present |
| esm-apps/bionic | released | 1.20.1-2ubuntu2+esm2 |
| esm-apps/focal | released | 1.24.0-1ubuntu0.2 |
| esm-apps/jammy | released | 1.26.0-1ubuntu1.2 |
| esm-apps/noble | not-affected | code not present |
| esm-apps/xenial | not-affected | code not present |
| focal | released | 1.24.0-1ubuntu0.2 |
| jammy | released | 1.26.0-1ubuntu1.2 |
| lunar | ignored | end of life, was needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | not-affected | 3.36.10-0ubuntu1 |
| esm-infra/xenial | needs-triage | |
| focal | not-affected | 3.36.10-0ubuntu1 |
| jammy | not-affected | |
| lunar | not-affected | |
| mantic | not-affected | |
| noble | not-affected |
Показывать по
EPSS
9.6 Critical
CVSS3
Связанные уязвимости
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.
Atril is a simple multi-page document viewer. Atril is vulnerable to a ...
Уязвимость программы для просмотра многостраничных документов Atril, связанная с возможностью внедрения команд, позволяющая нарушителю выполнить произвольный код
EPSS
9.6 Critical
CVSS3