ГлавнаяУязвимости → CVE-2024-40445
7.3высокая

CVE-2024-40445

Описание

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

Затрагиваемое ПО
Ctan Mimetex
CVSS
Балл7.3 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Источники
https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/https://youtu.be/OII16TteaJwhttps://youtu.be/W2KPHFNfgrg