CVE-2024-43426

Summary

A flaw was found in pdfTeX. Insufficient sanitizing in the TeX notation filter resulted in an arbitrary file read risk on sites where pdfTeX is available, such as those with TeX Live installed.

Affected Software

VendorProductVersion RangeStatus
0 < 4.1.12affected
4.2 < 4.2.9affected
4.3 < 4.3.6affected
4.4 < 4.4.2affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References