Tex Live Security Vulnerabilities and Issues — Tex Live CVE List

Lucene search

TugTex Live

10 matches found

CVE•added 2024/02/29 1:44 a.m.•3814 views

CVE-2024-25262

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.

8.1CVSS7.2AI score0.00135EPSS

CVE•added 2018/09/23 9:29 p.m.•331 views

CVE-2018-17407

An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. A buffer overflow in the handling of Type 1 fonts allows arbitrary code execution when a malicious font is loaded by one of the vulnerable tools: pdflatex, pdftex, dvips, or luatex.

7.8CVSS7.8AI score0.0138EPSS

CVE•added 2023/05/20 6:15 p.m.•305 views

CVE-2023-32700

LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.

8.8CVSS7.7AI score0.00246EPSS

CVE•added 2017/05/02 2:59 p.m.•70 views

CVE-2016-10243

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost in shell_escape_commands in the texmf.cnf config file.

9.8CVSS9.6AI score0.09885EPSS

CVE•added 2023/05/11 6:15 a.m.•61 views

CVE-2023-32668

LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.

5.5CVSS5.7AI score0.00048EPSS

CVE•added 2024/03/27 5:15 a.m.•60 views

CVE-2023-46048

Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem.

6.2CVSS6.5AI score0.00025EPSS

CVE•added 2010/04/16 6:30 p.m.•58 views

CVE-2010-0739

Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party infor...

6.8CVSS7.7AI score0.08512EPSS

CVE•added 2010/05/07 6:24 p.m.•55 views

CVE-2010-1440

Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related to the (1) predospecial and (2) bbdospecial func...

6.8CVSS7.8AI score0.08512EPSS

CVE•added 2010/05/07 6:24 p.m.•51 views

CVE-2010-0827

Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted virtual font (VF) file associated with a DVI file.

6.8CVSS7.8AI score0.05669EPSS

CVE•added 2017/12/14 4:29 p.m.•41 views

CVE-2017-17513

TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context...

8.8CVSS8.5AI score0.00508EPSS