Описание
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mathtex | removed | package | ||
| mathtex | no-dsa | bookworm | package | |
| mathtex | no-dsa | bullseye | package | |
| mathtex | postponed | buster | package |
Примечания
https://blog.yulun.ac.cn/posts/2023/fuzzing-mathtex/
EPSS
Процентиль: 87%
0.03179
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 2 лет назад
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL.
CVSS3: 9.8
nvd
около 2 лет назад
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL.
CVSS3: 9.8
github
около 2 лет назад
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute arbitrary code via crafted string in application URL.
EPSS
Процентиль: 87%
0.03179
Низкий