CVE-2024-43426

Опубликовано: 07 нояб. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=2304254
Permissions Required
https://moodle.org/mod/forum/discuss.php?d=461194
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.1.0 (включая) до 4.1.12 (исключая)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.2.0 (включая) до 4.2.9 (исключая)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.3.0 (включая) до 4.3.6 (исключая)

cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

Версия от 4.4.0 (включая) до 4.4.2 (исключая)

EPSS

Процентиль: 22%

0.0007

Низкий

7.5 High

CVSS3

Дефекты

CWE-1287

Связанные уязвимости

CVE-2024-43426

CVSS3: 7.5

ubuntu

9 месяцев назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

CVE-2024-43426

CVSS3: 7.5

debian

9 месяцев назад

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notatio ...

GHSA-vjmm-r9gg-425m

CVSS3: 7.5

github

9 месяцев назад

Moodle has arbitrary file read risk through pdfTeX

EPSS

Процентиль: 22%

0.0007

Низкий

7.5 High

CVSS3

Дефекты

CWE-1287