CVE-2024-45312
- Source
- https://cve.org/CVERecord?id=CVE-2024-45312
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45312.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-45312
- Aliases
-
- GHSA-pxm4-p454-vppg
- Published
- 2024-09-02T16:50:08.305Z
- Modified
- 2026-04-02T12:22:59.475940Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- Arbitrary language parameter can passed to `aspell` executable via spelling requests in overleaf
- Details
-
Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 (or 4.2.7 for the 4.x series) contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the
aspellexecutable running on the server. This causesaspellto attempt to load a dictionary file with an arbitrary filename. File access is limited to the scope of the overleaf server. The problem is patched in versions 5.0.7 and 4.2.7. Previous versions can be upgraded using the Overleaf toolkitbin/upgradecommand. Users unable to upgrade may block POST requests to/spelling/checkvia a Web Application Firewall will prevent access to the vulnerable spell check feature. However, upgrading is advised. - Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/45xxx/CVE-2024-45312.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-22", "CWE-641" ] }- References
-
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/45xxx/CVE-2024-45312.json
- https://github.com/overleaf/overleaf/security/advisories/GHSA-pxm4-p454-vppg
- https://nvd.nist.gov/vuln/detail/CVE-2024-45312
- https://github.com/overleaf/overleaf/commit/b5e5d39c3ad4e7763d42b837738955f8ded4dcd3
- https://github.com/overleaf/toolkit
Affected packages
Git / github.com/overleaf/overleaf
Affected ranges
- Type
- GIT
- Repo
- https://github.com/overleaf/overleaf
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.2.7"
}
]
},
{
"events": [
{
"introduced": "4.0.0"
},
{
"fixed": "4.2.7"
}
]
},
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.7"
}
]
},
{
"events": [
{
"introduced": "5.0.0"
},
{
"fixed": "5.0.7"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45312.json"