漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specially crafted flashcard can lead to an arbitrary file read. An attacker can share a flashcard to trigger this vulnerability.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Vulnerability Type
从非可信控制范围包含功能例程
Vulnerability Title
Ankitects Anki 安全漏洞
Vulnerability Description
Ankitects Anki是Ankitects开源的一个开源程序通过使用闪存卡来帮助记忆信息。 Ankitects Anki 24.04版本存在安全漏洞,该漏洞源于当对Latex进行清理以防止不安全的命令时,特制的闪存卡可能导致任意文件读取。
CVSS Information
N/A
Vulnerability Type
N/A