Every CVE whose affected-product data names Luatex Project Luatex, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-32700 — CVSS 7.8 (high): LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs…
CVE-2023-32668 — CVSS 5.5 (medium): LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full…