GHSA-vjmm-r9gg-425m

Опубликовано: 07 нояб. 2024

Источник: github

Github: Прошло ревью

CVSS4: 6.6

CVSS3: 7.5

Описание

Moodle has arbitrary file read risk through pdfTeX

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

Ссылки

Пакеты

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

< 4.1.12

4.1.12

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.2.0-beta, < 4.2.9

4.2.9

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.3.0-beta, < 4.3.6

4.3.6

Наименование

moodle/moodle

composer

Затронутые версииВерсия исправления

>= 4.4.0-beta, < 4.4.2

4.4.2

EPSS

Процентиль: 22%

0.0007

Низкий

6.6 Medium

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-43426

Дефекты

CWE-1287

Связанные уязвимости

CVE-2024-43426

CVSS3: 7.5

ubuntu

9 месяцев назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

CVE-2024-43426

CVSS3: 7.5

nvd

9 месяцев назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

CVE-2024-43426

CVSS3: 7.5

debian

9 месяцев назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notatio ...

EPSS

Процентиль: 22%

0.0007

Низкий

6.6 Medium

CVSS4

7.5 High

CVSS3

CVE ID

CVE-2024-43426

Дефекты

CWE-1287