{"vulnerability": "CVE-2023-32700", "sightings": [{"uuid": "563a71d2-d4c9-4db8-8acb-6d5ab542a801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32700", "type": "seen", "source": "Telegram/g2xjaFir47riLEIt8aj_VNjy4RPUptu_MaW9_Sm8naEn_PJ6", "content": "", "creation_timestamp": "2025-02-01T17:28:10.000000Z"}, {"uuid": "8cbc18bd-a655-4d60-891e-15c193ff00a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32700", "type": "seen", "source": "https://t.me/cibsecurity/64490", "content": "\u203c CVE-2023-32700 \u203c\n\nLuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-20T22:24:07.000000Z"}]}