INFSA-2023:3661: texlive security update
Information about definition
Identificator: INFSA-2023:3661
Type: security
Release date: 2025-03-05 17:52:53 UTC
Information about package
The texlive packages contain TeXLive, an implementation of TeX for Linux or UNIX systems.
Vulnerabilities description
- CVE-2023-32700
An arbitrary code execution vulnerability was found in LuaTeX (TeX Live) that allows any document compiled with older versions of LuaTeX to execute arbitrary shell commands, even with shell escape disabled.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2023-32700
|
no information | 7.8 | no information |
Updated packages