UBUNTU-CVE-2017-17513

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2017-17513
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-17513.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2017-17513
Related
Published
2017-12-14T16:29:00Z
Modified
2025-04-23T15:09:39Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

TeX Live through 20170524 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, related to linked_scripts/context/stubs/unix/mtxrun, texmf-dist/scripts/context/stubs/mswin/mtxrun.lua, and texmf-dist/tex/luatex/lualibs/lualibs-os.lua.

References

Affected packages

Ubuntu:Pro:16.04:LTS / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2015.20160320-1ubuntu0.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2015.*

2015.20150625-1ubuntu1
2015.20151116-1ubuntu1
2015.20151225-1
2015.20160117-1
2015.20160215-1
2015.20160223-1
2015.20160320-1
2015.20160320-1ubuntu0.1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:16.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2015.20160222.37495-1ubuntu0.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2015.*

2015.20150524.37493-5build1
2015.20150524.37493-7
2015.20150524.37493-7build1
2015.20150524.37493-7build4
2015.20160222.37495-1
2015.20160222.37495-1ubuntu0.1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:16.04:LTS / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2015.05.18.20150601-2?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2015.*

2015.05.18.20150601-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:18.04:LTS / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2017.20180305-1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2017.*

2017.20170818-1
2017.20171031-1
2017.20171128-1
2017.20180110-1
2017.20180225-1
2017.20180305-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:18.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2017.20170613.44572-8ubuntu0.2?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2017.*

2017.20170613.44572-5build1
2017.20170613.44572-5build2
2017.20170613.44572-6
2017.20170613.44572-6build1
2017.20170613.44572-6ubuntu1
2017.20170613.44572-8build1
2017.20170613.44572-8ubuntu0.1
2017.20170613.44572-8ubuntu0.2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:18.04:LTS / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2017.05.15.20170613-2?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2017.*

2017.05.15.20170613-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:20.04:LTS / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2019.03.21.20190425-2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2019.*

2019.03.21.20190425-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:20.04:LTS / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2019.20200218-1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2019.*

2019.20190710-1
2019.20191112-1
2019.20191208-4
2019.20191208-4ubuntu2
2019.20200218-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:20.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2019.20190605.51237-3ubuntu0.2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2019.*

2019.20190605.51237-2build1
2019.20190605.51237-3
2019.20190605.51237-3build1
2019.20190605.51237-3build2
2019.20190605.51237-3ubuntu0.1
2019.20190605.51237-3ubuntu0.2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:22.04:LTS / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2021.03.05.20220211-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2020.*

2020.03.10.20200331-1

2021.*

2021.03.05.20220211-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:22.04:LTS / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2021.20220204-1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2020.*

2020.20210202-3

2021.*

2021.20211127-1
2021.20211217-1
2021.20220204-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:22.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2021.20210626.59705-1ubuntu0.2?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2020.*

2020.20200327.54578-7
2020.20200327.54578-7build1

2021.*

2021.20210626.59705-1
2021.20210626.59705-1build1
2021.20210626.59705-1ubuntu0.1
2021.20210626.59705-1ubuntu0.2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.10 / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2024.04.01.20240428+dfsg-2?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.05.05.20230730+dfsg-2

2024.*

2024.04.01.20240428+dfsg-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.10 / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2024.20240706-1?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.20240207-1

2024.*

2024.20240401-2
2024.20240401-3
2024.20240706-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.10 / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2024.20240313.70630+ds-4?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.20230311.66589-9build3

2024.*

2024.20240313.70630+ds-2
2024.20240313.70630+ds-4

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.04:LTS / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2023.05.05.20230730+dfsg-2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2021.*

2021.03.05.20230120+dfsg-2

2023.*

2023.05.05.20230730+dfsg-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.04:LTS / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2023.20240207-1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.20230613-3
2023.20231007-1
2023.20231207-1
2023.20240207-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.04:LTS / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2023.20230311.66589-9build3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2023.*

2023.20230311.66589-6
2023.20230311.66589-7
2023.20230311.66589-8
2023.20230311.66589-8build1
2023.20230311.66589-9
2023.20230311.66589-9build2
2023.20230311.66589-9build3

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:25.04 / context

Package

Name
context
Purl
pkg:deb/ubuntu/context@2024.04.01.20240428+dfsg-2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2024.*

2024.04.01.20240428+dfsg-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:25.04 / texlive-base

Package

Name
texlive-base
Purl
pkg:deb/ubuntu/texlive-base@2024.20250309-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2024.*

2024.20240706-1
2024.20241102-1
2024.20241115-1
2024.20250114-1
2024.20250309-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:25.04 / texlive-bin

Package

Name
texlive-bin
Purl
pkg:deb/ubuntu/texlive-bin@2024.20240313.70630+ds-6?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2024.*

2024.20240313.70630+ds-4
2024.20240313.70630+ds-5
2024.20240313.70630+ds-5build1
2024.20240313.70630+ds-5build2
2024.20240313.70630+ds-6

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}