CVE-2024-32152 Information

Description

A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trigger this vulnerability.

Reference

https://talosintelligence.com/vulnerability_reports/TALOS-2024-1994