LuaTeX 安全漏洞

LuaTeX is an extended version of pdfTeX from LuaTeX, using Lua as the embedded scripting language. A security vulnerability exists in LuaTeX versions prior to 1.17.0, which arises from a vulnerability that allows execution of arbitrary shell commands when compiling TeX files obtained from untrust...

PT-2023-9170 · Miktex +4 · Miktex +4

Name of the Vulnerable Software and Affected Versions: LuaTeX versions prior to 1.17.0 TeX Live versions prior to 2023 r66984 MiKTeX versions prior to 23.5 Description: The issue allows a document, compiled with default settings, to make arbitrary network requests due to full access to the socket...