CVE-2024-25262 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-25262 PUBLISHED CVSS 8.100000381469727 HIGH

texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.

EPSS 0.14% · 34.2th percentile

Risk Scores

CVSS v3.1

8.100000381469727

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

EPSS Score

0.14%

34.2th percentile

Affected Products

Vendor	Product	Versions
tug	tex_live	c515e
n/a	n/a	n/a

Timeline

Feb 20, 2024 CVE Published
Feb 21, 2024 EPSS Score
Mar 18, 2024 EPSS Score
Apr 14, 2024 EPSS Score
May 10, 2024 EPSS Score
Jun 5, 2024 EPSS Score
Jul 1, 2024 EPSS Score
Jul 28, 2024 EPSS Score
Aug 23, 2024 EPSS Score
Sep 18, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 14, 2024 EPSS Score

References

Open in Interactive Console →