CVE-2024-45312

CVSS V2 None CVSS V3 None

Description

Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 (or 4.2.7 for the 4.x series) contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the `aspell` executable running on the server. This causes `aspell` to attempt to load a dictionary file with an arbitrary filename. File access is limited to the scope of the overleaf server. The problem is patched in versions 5.0.7 and 4.2.7. Previous versions can be upgraded using the Overleaf toolkit `bin/upgrade` command. Users unable to upgrade may block POST requests to `/spelling/check` via a Web Application Firewall will prevent access to the vulnerable spell check feature. However, upgrading is advised.

Overview

CVE ID
CVE-2024-45312

Assigner
GitHub_M

Vulnerability Status
PUBLISHED

Published Version
2024-09-02T16:50:08.305Z

Last Modified Date
2024-09-02T16:50:08.305Z

Weakness Enumerations

CWE	URL
CWE-641	http://cwe.mitre.org/data/definitions/641.html
CWE-22	http://cwe.mitre.org/data/definitions/22.html

References

Reference URL	Reference Tags
https://github.com/overleaf/overleaf/security/advisories/GHSA-pxm4-p454-vppg	x_refsource_CONFIRM
https://github.com/overleaf/overleaf/commit/b5e5d39c3ad4e7763d42b837738955f8ded4dcd3	x_refsource_MISC
https://github.com/overleaf/toolkit	x_refsource_MISC

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-45312
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45312

History

Created	Old Value	New Value	Data Type	Notes
2024-09-03 13:07:21				Added to TrackCVE