7 matches found
[SECURITY] [DLA 3941-1] texlive-bin security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3941-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès October 29, 2024 https://wiki.debian.org/LTS -...
USN-6695-1: TeX Live vulnerabilities
It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2019-18604 It was discovered that TeX...
SUSE CVE-2023-32668
LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...
CVE-2023-32668
creationtimestamp| type| source ---|---|--- 2023-05-11 12:15:06+00:00| seen| https://t.me/cibsecurity/63859...
CVE-2023-32668
LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...
CVE-2023-32668
LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...
CVE-2023-32668
The CVE-2023-32668 issue affects LuaTeX and TeX Live components: LuaTeX prior to 1.17.0 (with default socket library access) allows a document to initiate arbitrary network requests, with TeX Live before 2023 r66984 and MiKTeX before 23.5 also affected. Underlying cause is default full access to ...