Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/texlive-bin@2018.20181218.49446-1
Typedeb
Namespacedebian
Nametexlive-bin
Version2018.20181218.49446-1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2026.20260303.78225+ds-1
Latest_non_vulnerable_version2026.20260303.78225+ds-1
Affected_by_vulnerabilities
0
url VCID-3gpv-93qp-bfhn
vulnerability_id VCID-3gpv-93qp-bfhn
summary 
A vulnerability in Kpathsea allows remote attackers to execute
    arbitrary commands by manipulating the -tex option from mpost program.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10243
reference_id
reference_type
scores
0
value 0.09885
scoring_system epss
scoring_elements 0.92969
published_at 2026-04-01T12:55:00Z
1
value 0.09885
scoring_system epss
scoring_elements 0.93017
published_at 2026-04-21T12:55:00Z
2
value 0.09885
scoring_system epss
scoring_elements 0.92997
published_at 2026-04-12T12:55:00Z
3
value 0.09885
scoring_system epss
scoring_elements 0.92998
published_at 2026-04-13T12:55:00Z
4
value 0.09885
scoring_system epss
scoring_elements 0.93008
published_at 2026-04-16T12:55:00Z
5
value 0.09885
scoring_system epss
scoring_elements 0.9301
published_at 2026-04-18T12:55:00Z
6
value 0.09885
scoring_system epss
scoring_elements 0.92978
published_at 2026-04-02T12:55:00Z
7
value 0.09885
scoring_system epss
scoring_elements 0.92982
published_at 2026-04-04T12:55:00Z
8
value 0.09885
scoring_system epss
scoring_elements 0.92981
published_at 2026-04-07T12:55:00Z
9
value 0.09885
scoring_system epss
scoring_elements 0.92989
published_at 2026-04-08T12:55:00Z
10
value 0.09885
scoring_system epss
scoring_elements 0.92994
published_at 2026-04-09T12:55:00Z
11
value 0.09885
scoring_system epss
scoring_elements 0.92999
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10243
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:P/I:P/A:P
1
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/
6
reference_url https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
reference_id
reference_type
scores
url https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/
7
reference_url https://www.tug.org/svn/texlive?view=revision&revision=42605
reference_id
reference_type
scores
url https://www.tug.org/svn/texlive?view=revision&revision=42605
8
reference_url http://www.debian.org/security/2017/dsa-3803
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3803
9
reference_url http://www.openwall.com/lists/oss-security/2017/03/05/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/03/05/1
10
reference_url http://www.securityfocus.com/bid/96593
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/96593
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1429452
reference_id 1429452
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1429452
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-10243
reference_id CVE-2016-10243
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-10243
18
reference_url https://security.gentoo.org/glsa/201709-07
reference_id GLSA-201709-07
reference_type
scores
url https://security.gentoo.org/glsa/201709-07
19
reference_url https://usn.ubuntu.com/3401-1/
reference_id USN-3401-1
reference_type
scores
url https://usn.ubuntu.com/3401-1/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
purl pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47dt-fhqh-pkag
1
vulnerability VCID-bqqh-5311-w7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1
aliases CVE-2016-10243
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gpv-93qp-bfhn
1
url VCID-47dt-fhqh-pkag
vulnerability_id VCID-47dt-fhqh-pkag
summary LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32668
reference_id
reference_type
scores
0
value 0.00057
scoring_system epss
scoring_elements 0.17924
published_at 2026-04-21T12:55:00Z
1
value 0.00057
scoring_system epss
scoring_elements 0.17951
published_at 2026-04-08T12:55:00Z
2
value 0.00057
scoring_system epss
scoring_elements 0.18011
published_at 2026-04-09T12:55:00Z
3
value 0.00057
scoring_system epss
scoring_elements 0.18028
published_at 2026-04-11T12:55:00Z
4
value 0.00057
scoring_system epss
scoring_elements 0.17983
published_at 2026-04-12T12:55:00Z
5
value 0.00057
scoring_system epss
scoring_elements 0.17933
published_at 2026-04-13T12:55:00Z
6
value 0.00057
scoring_system epss
scoring_elements 0.17876
published_at 2026-04-16T12:55:00Z
7
value 0.00057
scoring_system epss
scoring_elements 0.17887
published_at 2026-04-18T12:55:00Z
8
value 0.00057
scoring_system epss
scoring_elements 0.18111
published_at 2026-04-02T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.18164
published_at 2026-04-04T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.17864
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32668
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668
2
reference_url https://tug.org/pipermail/tex-live/2023-May/049188.html
reference_id 049188.html
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/
url https://tug.org/pipermail/tex-live/2023-May/049188.html
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470
reference_id 1036470
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470
4
reference_url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0
reference_id 1.17.0
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/
url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0
5
reference_url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3
reference_id ChangeLog#L1-L3
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/
url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3
6
reference_url https://tug.org/~mseven/luatex.html#luasocket
reference_id luatex.html#luasocket
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/
url https://tug.org/~mseven/luatex.html#luasocket
7
reference_url https://usn.ubuntu.com/6695-1/
reference_id USN-6695-1
reference_type
scores
url https://usn.ubuntu.com/6695-1/
8
reference_url https://usn.ubuntu.com/7985-1/
reference_id USN-7985-1
reference_type
scores
url https://usn.ubuntu.com/7985-1/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2
purl pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15kj-emtf-vbag
1
vulnerability VCID-22hs-pt9p-fbdn
2
vulnerability VCID-24vd-syhs-gbhc
3
vulnerability VCID-261q-t1h8-bufj
4
vulnerability VCID-2pzz-h5vd-wyah
5
vulnerability VCID-2unr-76q5-y7aw
6
vulnerability VCID-3a9d-3kme-73d2
7
vulnerability VCID-3v18-r2f3-1qdv
8
vulnerability VCID-4cy9-447q-mbf3
9
vulnerability VCID-4f2u-sskp-zkhu
10
vulnerability VCID-4ses-k1k7-9ycz
11
vulnerability VCID-4z3j-9yy6-u3eb
12
vulnerability VCID-5p9e-n6p5-mudd
13
vulnerability VCID-6fwt-gfj6-j7av
14
vulnerability VCID-72m2-st3u-uyfm
15
vulnerability VCID-76vf-yebs-mkg8
16
vulnerability VCID-7x9j-31fq-hkg2
17
vulnerability VCID-86bc-apbh-sbbn
18
vulnerability VCID-88vn-jepe-33c1
19
vulnerability VCID-8qwb-455y-bbcp
20
vulnerability VCID-8xnh-5jb4-uygz
21
vulnerability VCID-911d-pbx5-4qge
22
vulnerability VCID-97ds-z5dk-6kbu
23
vulnerability VCID-9e9z-hm4a-37ab
24
vulnerability VCID-9mn1-e4dm-nfhd
25
vulnerability VCID-a6an-r3tj-93ge
26
vulnerability VCID-ast7-b75m-7uh3
27
vulnerability VCID-bdbb-4kgq-y7ad
28
vulnerability VCID-bdke-da3n-37hw
29
vulnerability VCID-bw8n-jvsd-bqe9
30
vulnerability VCID-d4tp-mmgz-6udh
31
vulnerability VCID-dcjs-7eyq-a7gn
32
vulnerability VCID-e8ev-axf6-dbc3
33
vulnerability VCID-ecbh-vzp4-x7dr
34
vulnerability VCID-eeet-mw7y-rudx
35
vulnerability VCID-euy5-4h8q-hyb3
36
vulnerability VCID-fbkh-5sb9-auc5
37
vulnerability VCID-fkft-abbt-6ydx
38
vulnerability VCID-fymb-bvn2-p7ej
39
vulnerability VCID-fz4x-mcwe-aqgf
40
vulnerability VCID-gh4u-68x5-27db
41
vulnerability VCID-gsk7-273v-qfdz
42
vulnerability VCID-h73f-kd2u-5yg3
43
vulnerability VCID-hd3g-vc2p-4fhf
44
vulnerability VCID-hqv6-gney-2fgw
45
vulnerability VCID-hx8f-h823-kkhr
46
vulnerability VCID-jahu-d9d6-jbbt
47
vulnerability VCID-jxh3-k3es-bqah
48
vulnerability VCID-k5ue-ga1d-q7gv
49
vulnerability VCID-knp7-hye9-a3gv
50
vulnerability VCID-m7rd-mh53-bycu
51
vulnerability VCID-mm9w-wmdz-qye4
52
vulnerability VCID-msch-wzj9-h7ga
53
vulnerability VCID-n68j-881x-3uhp
54
vulnerability VCID-nckm-umvv-3qcn
55
vulnerability VCID-nk95-xdjm-vyfq
56
vulnerability VCID-nucx-up6e-ayb8
57
vulnerability VCID-nvrx-x1qs-vkdb
58
vulnerability VCID-p973-cuza-tuhp
59
vulnerability VCID-q4qv-tq4j-3uh2
60
vulnerability VCID-qdek-hd55-hbe2
61
vulnerability VCID-qjxs-qf6j-zycc
62
vulnerability VCID-rrqw-zrh2-33dn
63
vulnerability VCID-rype-ss6b-aude
64
vulnerability VCID-su1a-e49q-pffw
65
vulnerability VCID-t8bs-vvts-47ag
66
vulnerability VCID-tqm6-8w98-q3dr
67
vulnerability VCID-tz15-rmx4-pkdq
68
vulnerability VCID-u9ur-b18b-gfhr
69
vulnerability VCID-utve-4z7c-tkhk
70
vulnerability VCID-v7pb-brn7-v7ah
71
vulnerability VCID-v9pk-ecc9-yqbm
72
vulnerability VCID-vfty-pe45-pya4
73
vulnerability VCID-vk2y-ftzh-sqgh
74
vulnerability VCID-whjt-pvqp-jycr
75
vulnerability VCID-whmq-gsw4-sbgg
76
vulnerability VCID-wngf-qn2d-ykef
77
vulnerability VCID-ws93-jgn7-83c8
78
vulnerability VCID-xfy6-snb8-63av
79
vulnerability VCID-xrgb-9dwh-mubm
80
vulnerability VCID-xxn1-2trx-myhs
81
vulnerability VCID-xzdx-45tg-w7ft
82
vulnerability VCID-y2pg-cgqs-s3gb
83
vulnerability VCID-y4qh-ek9n-cyc1
84
vulnerability VCID-ys96-uhkv-2qgv
85
vulnerability VCID-zbsq-dfju-mkf5
86
vulnerability VCID-zqjn-srqb-kfcg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2
aliases CVE-2023-32668
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47dt-fhqh-pkag
2
url VCID-9kvx-465q-fkam
vulnerability_id VCID-9kvx-465q-fkam
summary texlive: arbitrary code execution allows document complied with older version
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-32700
reference_id
reference_type
scores
0
value 0.00249
scoring_system epss
scoring_elements 0.48125
published_at 2026-04-21T12:55:00Z
1
value 0.00426
scoring_system epss
scoring_elements 0.62244
published_at 2026-04-04T12:55:00Z
2
value 0.00426
scoring_system epss
scoring_elements 0.62214
published_at 2026-04-02T12:55:00Z
3
value 0.00426
scoring_system epss
scoring_elements 0.62316
published_at 2026-04-18T12:55:00Z
4
value 0.00426
scoring_system epss
scoring_elements 0.62309
published_at 2026-04-16T12:55:00Z
5
value 0.00426
scoring_system epss
scoring_elements 0.62264
published_at 2026-04-13T12:55:00Z
6
value 0.00426
scoring_system epss
scoring_elements 0.62286
published_at 2026-04-12T12:55:00Z
7
value 0.00426
scoring_system epss
scoring_elements 0.62296
published_at 2026-04-11T12:55:00Z
8
value 0.00426
scoring_system epss
scoring_elements 0.62277
published_at 2026-04-09T12:55:00Z
9
value 0.00426
scoring_system epss
scoring_elements 0.6226
published_at 2026-04-08T12:55:00Z
10
value 0.00426
scoring_system epss
scoring_elements 0.6221
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-32700
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://tug.org/pipermail/tex-live/2023-May/049188.html
reference_id 049188.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://tug.org/pipermail/tex-live/2023-May/049188.html
5
reference_url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0
reference_id 1.17.0
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2208943
reference_id 2208943
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2208943
7
reference_url https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984
reference_id build-svn66984
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984
8
reference_url https://tug.org/~mseven/luatex.html
reference_id luatex.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://tug.org/~mseven/luatex.html
9
reference_url https://access.redhat.com/errata/RHSA-2023:3661
reference_id RHSA-2023:3661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3661
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/
reference_id RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/
reference_id TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/
12
reference_url https://usn.ubuntu.com/6115-1/
reference_id USN-6115-1
reference_type
scores
url https://usn.ubuntu.com/6115-1/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
purl pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47dt-fhqh-pkag
1
vulnerability VCID-bqqh-5311-w7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1
aliases CVE-2023-32700
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9kvx-465q-fkam
3
url VCID-bqqh-5311-w7ca
vulnerability_id VCID-bqqh-5311-w7ca
summary texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-25262
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34509
published_at 2026-04-12T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34506
published_at 2026-04-18T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.34521
published_at 2026-04-16T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34484
published_at 2026-04-13T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.34578
published_at 2026-04-02T12:55:00Z
5
value 0.00142
scoring_system epss
scoring_elements 0.34605
published_at 2026-04-04T12:55:00Z
6
value 0.00142
scoring_system epss
scoring_elements 0.34473
published_at 2026-04-07T12:55:00Z
7
value 0.00142
scoring_system epss
scoring_elements 0.34516
published_at 2026-04-08T12:55:00Z
8
value 0.00142
scoring_system epss
scoring_elements 0.34545
published_at 2026-04-09T12:55:00Z
9
value 0.00142
scoring_system epss
scoring_elements 0.34548
published_at 2026-04-11T12:55:00Z
10
value 0.00325
scoring_system epss
scoring_elements 0.55557
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-25262
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517
reference_id 1064517
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517
3
reference_url https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912
reference_id 2047912
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/
url https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912
4
reference_url https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co
reference_id ChangeLog?revision=69605&view=co
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/
url https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co
5
reference_url https://usn.ubuntu.com/6695-1/
reference_id USN-6695-1
reference_type
scores
url https://usn.ubuntu.com/6695-1/
6
reference_url https://usn.ubuntu.com/7985-1/
reference_id USN-7985-1
reference_type
scores
url https://usn.ubuntu.com/7985-1/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2
purl pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-15kj-emtf-vbag
1
vulnerability VCID-22hs-pt9p-fbdn
2
vulnerability VCID-24vd-syhs-gbhc
3
vulnerability VCID-261q-t1h8-bufj
4
vulnerability VCID-2pzz-h5vd-wyah
5
vulnerability VCID-2unr-76q5-y7aw
6
vulnerability VCID-3a9d-3kme-73d2
7
vulnerability VCID-3v18-r2f3-1qdv
8
vulnerability VCID-4cy9-447q-mbf3
9
vulnerability VCID-4f2u-sskp-zkhu
10
vulnerability VCID-4ses-k1k7-9ycz
11
vulnerability VCID-4z3j-9yy6-u3eb
12
vulnerability VCID-5p9e-n6p5-mudd
13
vulnerability VCID-6fwt-gfj6-j7av
14
vulnerability VCID-72m2-st3u-uyfm
15
vulnerability VCID-76vf-yebs-mkg8
16
vulnerability VCID-7x9j-31fq-hkg2
17
vulnerability VCID-86bc-apbh-sbbn
18
vulnerability VCID-88vn-jepe-33c1
19
vulnerability VCID-8qwb-455y-bbcp
20
vulnerability VCID-8xnh-5jb4-uygz
21
vulnerability VCID-911d-pbx5-4qge
22
vulnerability VCID-97ds-z5dk-6kbu
23
vulnerability VCID-9e9z-hm4a-37ab
24
vulnerability VCID-9mn1-e4dm-nfhd
25
vulnerability VCID-a6an-r3tj-93ge
26
vulnerability VCID-ast7-b75m-7uh3
27
vulnerability VCID-bdbb-4kgq-y7ad
28
vulnerability VCID-bdke-da3n-37hw
29
vulnerability VCID-bw8n-jvsd-bqe9
30
vulnerability VCID-d4tp-mmgz-6udh
31
vulnerability VCID-dcjs-7eyq-a7gn
32
vulnerability VCID-e8ev-axf6-dbc3
33
vulnerability VCID-ecbh-vzp4-x7dr
34
vulnerability VCID-eeet-mw7y-rudx
35
vulnerability VCID-euy5-4h8q-hyb3
36
vulnerability VCID-fbkh-5sb9-auc5
37
vulnerability VCID-fkft-abbt-6ydx
38
vulnerability VCID-fymb-bvn2-p7ej
39
vulnerability VCID-fz4x-mcwe-aqgf
40
vulnerability VCID-gh4u-68x5-27db
41
vulnerability VCID-gsk7-273v-qfdz
42
vulnerability VCID-h73f-kd2u-5yg3
43
vulnerability VCID-hd3g-vc2p-4fhf
44
vulnerability VCID-hqv6-gney-2fgw
45
vulnerability VCID-hx8f-h823-kkhr
46
vulnerability VCID-jahu-d9d6-jbbt
47
vulnerability VCID-jxh3-k3es-bqah
48
vulnerability VCID-k5ue-ga1d-q7gv
49
vulnerability VCID-knp7-hye9-a3gv
50
vulnerability VCID-m7rd-mh53-bycu
51
vulnerability VCID-mm9w-wmdz-qye4
52
vulnerability VCID-msch-wzj9-h7ga
53
vulnerability VCID-n68j-881x-3uhp
54
vulnerability VCID-nckm-umvv-3qcn
55
vulnerability VCID-nk95-xdjm-vyfq
56
vulnerability VCID-nucx-up6e-ayb8
57
vulnerability VCID-nvrx-x1qs-vkdb
58
vulnerability VCID-p973-cuza-tuhp
59
vulnerability VCID-q4qv-tq4j-3uh2
60
vulnerability VCID-qdek-hd55-hbe2
61
vulnerability VCID-qjxs-qf6j-zycc
62
vulnerability VCID-rrqw-zrh2-33dn
63
vulnerability VCID-rype-ss6b-aude
64
vulnerability VCID-su1a-e49q-pffw
65
vulnerability VCID-t8bs-vvts-47ag
66
vulnerability VCID-tqm6-8w98-q3dr
67
vulnerability VCID-tz15-rmx4-pkdq
68
vulnerability VCID-u9ur-b18b-gfhr
69
vulnerability VCID-utve-4z7c-tkhk
70
vulnerability VCID-v7pb-brn7-v7ah
71
vulnerability VCID-v9pk-ecc9-yqbm
72
vulnerability VCID-vfty-pe45-pya4
73
vulnerability VCID-vk2y-ftzh-sqgh
74
vulnerability VCID-whjt-pvqp-jycr
75
vulnerability VCID-whmq-gsw4-sbgg
76
vulnerability VCID-wngf-qn2d-ykef
77
vulnerability VCID-ws93-jgn7-83c8
78
vulnerability VCID-xfy6-snb8-63av
79
vulnerability VCID-xrgb-9dwh-mubm
80
vulnerability VCID-xxn1-2trx-myhs
81
vulnerability VCID-xzdx-45tg-w7ft
82
vulnerability VCID-y2pg-cgqs-s3gb
83
vulnerability VCID-y4qh-ek9n-cyc1
84
vulnerability VCID-ys96-uhkv-2qgv
85
vulnerability VCID-zbsq-dfju-mkf5
86
vulnerability VCID-zqjn-srqb-kfcg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2
aliases CVE-2024-25262
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bqqh-5311-w7ca
4
url VCID-tju2-c87e-5kcx
vulnerability_id VCID-tju2-c87e-5kcx
summary In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-18604
reference_id
reference_type
scores
0
value 0.00198
scoring_system epss
scoring_elements 0.41859
published_at 2026-04-21T12:55:00Z
1
value 0.00198
scoring_system epss
scoring_elements 0.4193
published_at 2026-04-18T12:55:00Z
2
value 0.00198
scoring_system epss
scoring_elements 0.41851
published_at 2026-04-01T12:55:00Z
3
value 0.00198
scoring_system epss
scoring_elements 0.41916
published_at 2026-04-02T12:55:00Z
4
value 0.00198
scoring_system epss
scoring_elements 0.41944
published_at 2026-04-04T12:55:00Z
5
value 0.00198
scoring_system epss
scoring_elements 0.41871
published_at 2026-04-07T12:55:00Z
6
value 0.00198
scoring_system epss
scoring_elements 0.41922
published_at 2026-04-08T12:55:00Z
7
value 0.00198
scoring_system epss
scoring_elements 0.41933
published_at 2026-04-09T12:55:00Z
8
value 0.00198
scoring_system epss
scoring_elements 0.41957
published_at 2026-04-11T12:55:00Z
9
value 0.00198
scoring_system epss
scoring_elements 0.41921
published_at 2026-04-12T12:55:00Z
10
value 0.00198
scoring_system epss
scoring_elements 0.41908
published_at 2026-04-13T12:55:00Z
11
value 0.00198
scoring_system epss
scoring_elements 0.41958
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-18604
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604
2
reference_url https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a
reference_id
reference_type
scores
url https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a
3
reference_url https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-18604
reference_id CVE-2019-18604
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2019-18604
7
reference_url https://usn.ubuntu.com/6695-1/
reference_id USN-6695-1
reference_type
scores
url https://usn.ubuntu.com/6695-1/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
purl pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-47dt-fhqh-pkag
1
vulnerability VCID-bqqh-5311-w7ca
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1
aliases CVE-2019-18604
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tju2-c87e-5kcx
Fixing_vulnerabilities
0
url VCID-z8b6-9u9h-gkcp
vulnerability_id VCID-z8b6-9u9h-gkcp
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17407
reference_id
reference_type
scores
0
value 0.01357
scoring_system epss
scoring_elements 0.8009
published_at 2026-04-01T12:55:00Z
1
value 0.01357
scoring_system epss
scoring_elements 0.80169
published_at 2026-04-21T12:55:00Z
2
value 0.01357
scoring_system epss
scoring_elements 0.80136
published_at 2026-04-13T12:55:00Z
3
value 0.01357
scoring_system epss
scoring_elements 0.80166
published_at 2026-04-18T12:55:00Z
4
value 0.01357
scoring_system epss
scoring_elements 0.80098
published_at 2026-04-02T12:55:00Z
5
value 0.01357
scoring_system epss
scoring_elements 0.80118
published_at 2026-04-04T12:55:00Z
6
value 0.01357
scoring_system epss
scoring_elements 0.80105
published_at 2026-04-07T12:55:00Z
7
value 0.01357
scoring_system epss
scoring_elements 0.80134
published_at 2026-04-08T12:55:00Z
8
value 0.01357
scoring_system epss
scoring_elements 0.80141
published_at 2026-04-09T12:55:00Z
9
value 0.01357
scoring_system epss
scoring_elements 0.8016
published_at 2026-04-11T12:55:00Z
10
value 0.01357
scoring_system epss
scoring_elements 0.80144
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17407
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1632802
reference_id 1632802
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1632802
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317
reference_id 909317
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317
6
reference_url https://security.archlinux.org/ASA-201812-4
reference_id ASA-201812-4
reference_type
scores
url https://security.archlinux.org/ASA-201812-4
7
reference_url https://security.archlinux.org/AVG-770
reference_id AVG-770
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-770
8
reference_url https://access.redhat.com/errata/RHSA-2020:1036
reference_id RHSA-2020:1036
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1036
9
reference_url https://usn.ubuntu.com/3788-1/
reference_id USN-3788-1
reference_type
scores
url https://usn.ubuntu.com/3788-1/
10
reference_url https://usn.ubuntu.com/3788-2/
reference_id USN-3788-2
reference_type
scores
url https://usn.ubuntu.com/3788-2/
fixed_packages
0
url pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%2Bdeb9u1
purl pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gpv-93qp-bfhn
1
vulnerability VCID-47dt-fhqh-pkag
2
vulnerability VCID-9kvx-465q-fkam
3
vulnerability VCID-bqqh-5311-w7ca
4
vulnerability VCID-tju2-c87e-5kcx
5
vulnerability VCID-z8b6-9u9h-gkcp
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%252Bdeb9u1
1
url pkg:deb/debian/texlive-bin@2018.20181218.49446-1
purl pkg:deb/debian/texlive-bin@2018.20181218.49446-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3gpv-93qp-bfhn
1
vulnerability VCID-47dt-fhqh-pkag
2
vulnerability VCID-9kvx-465q-fkam
3
vulnerability VCID-bqqh-5311-w7ca
4
vulnerability VCID-tju2-c87e-5kcx
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2018.20181218.49446-1
aliases CVE-2018-17407
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z8b6-9u9h-gkcp
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2018.20181218.49446-1