Lucene search
+L

44 matches found

NVD
NVD
added 2023/05/20 6:15 p.m.18 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS7.9AI score0.00804EPSS
Exploits0References6
OSV
OSV
added 2023/05/20 6:15 p.m.5 views

DEBIAN-CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

7.8CVSS8AI score0.00804EPSS
Exploits0References1
Prion
Prion
added 2023/05/20 6:15 p.m.20 views

Design/Logic Flaw

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

4.4CVSS7.6AI score0.00804EPSS
Exploits0References6Affected Software3
UbuntuCve
UbuntuCve
added 2023/05/20 6:15 p.m.38 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS7.3AI score0.00804EPSS
Exploits0References6
OSV
OSV
added 2023/05/20 6:15 p.m.4 views

UBUNTU-CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS7.4AI score0.00804EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/05/20 12:0 a.m.12 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

7.8AI score0.00804EPSS
Exploits0References6
OSV
OSV
added 2023/05/20 12:0 a.m.6 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS7.9AI score0.00804EPSS
Exploits0References8
Cvelist
Cvelist
added 2023/05/20 12:0 a.m.24 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.1AI score0.00804EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2023/05/20 12:0 a.m.39 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS7.9AI score0.00804EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/05/20 12:0 a.m.54 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

8.8CVSS8AI score0.00804EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/05/17 1:47 a.m.4 views

SUSE CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS7AI score0.0037EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/05/16 1:52 a.m.3 views

SUSE CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

7.8CVSS7.4AI score0.00804EPSS
Exploits0References7
NVD
NVD
added 2023/05/11 6:15 a.m.19 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS5.8AI score0.0037EPSS
Exploits1References5
OSV
OSV
added 2023/05/11 6:15 a.m.3 views

DEBIAN-CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS5.8AI score0.0037EPSS
Exploits1References1
Prion
Prion
added 2023/05/11 6:15 a.m.21 views

Default configuration

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

1.9CVSS5.5AI score0.0037EPSS
Exploits1References4Affected Software3
OSV
OSV
added 2023/05/11 6:15 a.m.8 views

UBUNTU-CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS6.2AI score0.0037EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.3 views

PT-2023-9170 · Miktex +4 · Miktex +4

Name of the Vulnerable Software and Affected Versions: LuaTeX versions prior to 1.17.0 TeX Live versions prior to 2023 r66984 MiKTeX versions prior to 23.5 Description: The issue allows a document, compiled with default settings, to make arbitrary network requests due to full access to the socket...

10CVSS8.2AI score0.01875EPSS
Exploits1References38
Vulnrichment
Vulnrichment
added 2023/05/11 12:0 a.m.10 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.8AI score0.0037EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/05/11 12:0 a.m.24 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

6.1AI score0.0037EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2023/05/11 12:0 a.m.38 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS6.2AI score0.0037EPSS
Exploits1References6
Rows per page
Query Builder