1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
38.4%
The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and texlive 6.20131226_r32488.fc20 and rpm allows local users to delete arbitrary files via a crafted file in the user’s home directory.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | texlive-base | < 2022.20230122-3 | texlive-base_2022.20230122-3_all.deb |
Debian | 11 | all | texlive-base | < 2020.20210202-3 | texlive-base_2020.20210202-3_all.deb |
Debian | 10 | all | texlive-base | < 2018.20190227-2 | texlive-base_2018.20190227-2_all.deb |
Debian | 999 | all | texlive-base | < 2024.20240401-3 | texlive-base_2024.20240401-3_all.deb |
Debian | 13 | all | texlive-base | < 2023.20240207-1 | texlive-base_2023.20240207-1_all.deb |
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
4.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
38.4%