2 matches found
CVE-2024-29073
Anki (Ankitects) 24.04 is affected by CVE-2024-29073 due to incomplete sanitization of LaTeX: the verbatim package is not properly handled, enabling a specially crafted flashcard to read arbitrary files. The issue is triggered by sharing a flashcard; no fix/version remediation is provided in the ...
CVE-2024-26020
CVE-2024-26020 : The vulnerability affects Ankitects Anki 24.04, where the MPV functionality in flashcards processes user-supplied content and can trigger arbitrary code execution via a crafted flashcard. Multiple connected sources corroborate exploitation potential and assign high/critical impac...