CVE-2024-40445

Опубликовано: 22 апр. 2025

Источник: nvd

CVSS3: 7.3

EPSS Низкий

Описание

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

Ссылки

https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423
Product
https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/
Mitigation
Third Party Advisory
https://youtu.be/OII16TteaJw
Broken Link
https://youtu.be/W2KPHFNfgrg
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ctan:mimetex:*:*:*:*:*:*:*:*

Версия до 1.77 (исключая)

EPSS

Процентиль: 7%

0.00028

Низкий

7.3 High

CVSS3

Дефекты

CWE-77

Связанные уязвимости

CVE-2024-40445

CVSS3: 7.3

ubuntu

10 месяцев назад

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

CVE-2024-40445

CVSS3: 7.3

debian

10 месяцев назад

A directory traversal vulnerability in forkosh Mime TeX before version ...

GHSA-4qhj-jmx7-8mr8

CVSS3: 7.3

github

10 месяцев назад

Directory Traversal vulnerability in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted file upload

EPSS

Процентиль: 7%

0.00028

Низкий

7.3 High

CVSS3

Дефекты

CWE-77