How severe is CVE-2024-40445?

CVE-2024-40445 has a CVSS v3 score of 7.3 (HIGH).

CVE-2024-40445

Name: mimetex
Author: ctan

7.3HIGH

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

Опубликовано: 4/22/2025Обновлено: 6/23/2025

Описание

A directory traversal vulnerability in forkosh Mime TeX before version 1.77 allows attackers on Windows systems to read or append arbitrary files by manipulating crafted input paths.

ИИ-АнализНа базе ИИ

Затронутые продукты

ctanmimetex

Ссылки

https://github.com/Oefenweb/mimetex/blob/master/mimetex.c#L12414-L12423
Product
https://github.com/TaiYou-TW/CVE-2024-40445_CVE-2024-40446/
MitigationThird Party Advisory
https://youtu.be/OII16TteaJw
Broken Link
https://youtu.be/W2KPHFNfgrg
Broken Link