Fluid Attacks Database

Description

Tex Live 944e257 has a NULL pointer dereference in texk/web2c/pdftexdir/writet1.c. NOTE: this is disputed because it should be categorized as a usability problem.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 14	texlive-bin	=2024.20240313.70630+ds-6 \|\| =2025.20250727.75242+ds-1 \|\| =2025.20250727.75242+ds-2 \|\| =2025.20250727.75242+ds-3 \|\| =2025.20250727.75242+ds-4 \|\| =2025.20250727.75242+ds-5 \|\| =2025.20250727.75242+ds-5~hurd.1 \|\| =2026.20260303.78225+ds-1 \|\| =2026.20260303.78225+ds-2 \|\| =2026.20260303.78225+ds-3
debian 11	texlive-bin	=2020.20200327.54578-7 \|\| =2020.20200327.54578-7+deb11u1 \|\| =2020.20200327.54578-7+deb11u2 \|\| =2021.20210626.59705-1 \|\| =2022.20220321.62855-1 \|\| =2022.20220321.62855-2 \|\| =2022.20220321.62855-3 \|\| =2022.20220321.62855-4 \|\| =2022.20220321.62855-5 \|\| =2022.20220321.62855-5.1 \|\| =2022.20220321.62855-6 \|\| =2022.20220321.62855-7 \|\| =2022.20220321.62855-8 \|\| =2023.20230311.66589-1 \|\| =2023.20230311.66589-2 \|\| =2023.20230311.66589-3 \|\| =2023.20230311.66589-4 \|\| =2023.20230311.66589-5 \|\| =2023.20230311.66589-6 \|\| =2023.20230311.66589-7 \|\| =2023.20230311.66589-8 \|\| =2023.20230311.66589-9 \|\| =2024.20240313.70630+ds-1 \|\| =2024.20240313.70630+ds-2 \|\| =2024.20240313.70630+ds-3 \|\| =2024.20240313.70630+ds-4 \|\| =2024.20240313.70630+ds-5 \|\| =2024.20240313.70630+ds-6 \|\| =2025.20250727.75242+ds-1 \|\| =2025.20250727.75242+ds-2 \|\| =2025.20250727.75242+ds-3 \|\| =2025.20250727.75242+ds-4 \|\| =2025.20250727.75242+ds-5 \|\| =2025.20250727.75242+ds-5~hurd.1 \|\| =2026.20260303.78225+ds-1 \|\| =2026.20260303.78225+ds-2 \|\| =2026.20260303.78225+ds-3
debian 12	texlive-bin	=2022.20220321.62855-5.1 \|\| =2022.20220321.62855-5.1+deb12u1 \|\| =2022.20220321.62855-5.1+deb12u2 \|\| =2022.20220321.62855-6 \|\| =2022.20220321.62855-7 \|\| =2022.20220321.62855-8 \|\| =2023.20230311.66589-1 \|\| =2023.20230311.66589-2 \|\| =2023.20230311.66589-3 \|\| =2023.20230311.66589-4 \|\| =2023.20230311.66589-5 \|\| =2023.20230311.66589-6 \|\| =2023.20230311.66589-7 \|\| =2023.20230311.66589-8 \|\| =2023.20230311.66589-9 \|\| =2024.20240313.70630+ds-1 \|\| =2024.20240313.70630+ds-2 \|\| =2024.20240313.70630+ds-3 \|\| =2024.20240313.70630+ds-4 \|\| =2024.20240313.70630+ds-5 \|\| =2024.20240313.70630+ds-6 \|\| =2025.20250727.75242+ds-1 \|\| =2025.20250727.75242+ds-2 \|\| =2025.20250727.75242+ds-3 \|\| =2025.20250727.75242+ds-4 \|\| =2025.20250727.75242+ds-5 \|\| =2025.20250727.75242+ds-5~hurd.1 \|\| =2026.20260303.78225+ds-1 \|\| =2026.20260303.78225+ds-2 \|\| =2026.20260303.78225+ds-3
debian 13	texlive-bin	=2024.20240313.70630+ds-6 \|\| =2025.20250727.75242+ds-1 \|\| =2025.20250727.75242+ds-2 \|\| =2025.20250727.75242+ds-3 \|\| =2025.20250727.75242+ds-4 \|\| =2025.20250727.75242+ds-5 \|\| =2025.20250727.75242+ds-5~hurd.1 \|\| =2026.20260303.78225+ds-1 \|\| =2026.20260303.78225+ds-2 \|\| =2026.20260303.78225+ds-3

Aliases

1. CVE-2023-460482. NVD-2023-460483. OSV-DEBIAN-2023-460484. OSV-2023-460485. SECURITY-TRACKER-CVE-2023-46048

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.