TaiYou-TW/CVE-2024-40445_CVE-2024-40446

Releases0

This repository serves as the public reference for CVE-2024-40445 and CVE-2024-40446. Both vulnerabilities impact MimeTeX, an open-source software package for rendering LaTeX expressions, which appears to be no longer maintained.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-40445 ↗	Apr 22, 2025Tuesday, 22 April 2025, 14:15	7.3 HIGH	—
A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.
CVE-2024-40446 ↗	Apr 22, 2025Tuesday, 22 April 2025, 14:15	9.8 CRITICAL	—
An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script