Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-45312

Good to know:

icon

Date: September 2, 2024

Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 (or 4.2.7 for the 4.x series) contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the `aspell` executable running on the server. This causes `aspell` to attempt to load a dictionary file with an arbitrary filename. File access is limited to the scope of the overleaf server. The problem is patched in versions 5.0.7 and 4.2.7. Previous versions can be upgraded using the Overleaf toolkit `bin/upgrade` command. Users unable to upgrade may block POST requests to `/spelling/check` via a Web Application Firewall will prevent access to the vulnerable spell check feature. However, upgrading is advised.

Language: JS

Severity Score

Related Resources (5)

https://github.com/overleaf/overleaf/commit/b5e5d39c3ad4e7763d42b837738955f8ded4dcd3
https://nvd.nist.gov/vuln/detail/CVE-2024-45312
https://github.com/overleaf/toolkit
https://github.com/overleaf/overleaf/security/advisories/GHSA-pxm4-p454-vppg
https://www.mend.io/vulnerability-database/CVE-2024-45312

Severity Score

Weakness Type (CWE)

Injection

CWE-74

Path Traversal

CWE-22

Improper Restriction of Names for Files and Other Resources

CWE-641

Top Fix

icon

Upgrade Version

Upgrade to version b5e5d39c3ad4e7763d42b837738955f8ded4dcd3

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us