Lucene search
K

44 matches found

Positive Technologies
Positive Technologies
added 2023/05/11 12:0 a.m.2 views

PT-2023-9170 · Miktex +4 · Miktex +4

Name of the Vulnerable Software and Affected Versions: LuaTeX versions prior to 1.17.0 TeX Live versions prior to 2023 r66984 MiKTeX versions prior to 23.5 Description: The issue allows a document, compiled with default settings, to make arbitrary network requests due to full access to the socket...

10CVSS8.2AI score0.01875EPSS
Exploits1References38
Cvelist
Cvelist
added 2023/05/11 12:0 a.m.23 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

6.1AI score0.0037EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2023/05/11 12:0 a.m.25 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

5.5CVSS5.4AI score0.0037EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2017/03/01 12:0 a.m.10 views

PT-2017-4251 · Luatex +10 · Luatex +10

Name of the Vulnerable Software and Affected Versions: LuaTeX versions prior to 1.17.0 TeX Live versions prior to 2023 r66984 MiKTeX versions prior to 23.5 Description: The issue is related to the io.popen function in the luatex-core.lua component, which lacks input validation. This allows an...

9.8CVSS8.1AI score0.03697EPSS
Exploits2References82
Rows per page
Query Builder