Vulnerabilities > TUG > Texlive > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-08-25 CVE-2015-5701 Link Following vulnerability in TUG Texlive
mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.
local
low complexity
tug CWE-59
5.6
5.6
2017-08-25 CVE-2015-5700 Link Following vulnerability in TUG Texlive
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack.
local
low complexity
tug CWE-59
5.6
5.6