anki
PyPI3 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting ankipage 1 of 1
- CVE-2024-26020CRITICALCVSS 9.6EG 9.6✓ Fixed in 24.062024-07-22
vulnerable: 2.1.24 ... 24.4rc2 (138 versions)
An arbitrary script execution vulnerability exists in the MPV functionality of Ankitects Anki 24.04. A specially crafted flashcard can lead to a arbitrary code execution. An attacker can send malicious flashcard to trigger this vulnerabili…
- CVE-2024-29073MEDIUMCVSS 5.3EG 5.3✓ Fixed in 24.62024-07-22
vulnerable: 2.1.24 ... 24.4rc2 (138 versions)
An vulnerability in the handling of Latex exists in Ankitects Anki 24.04. When Latex is sanitized to prevent unsafe commands, the verbatim package, which comes installed by default in many Latex distributions, has been overlooked. A specia…
- CVE-2024-32152LOWCVSS 3.1EG 3.1✓ Fixed in 24.62024-07-22
vulnerable: 2.1.24 ... 24.4rc2 (138 versions)
A blocklist bypass vulnerability exists in the LaTeX functionality of Ankitects Anki 24.04. A specially crafted malicious flashcard can lead to an arbitrary file creation at a fixed path. An attacker can share a malicious flashcard to trig…
Check whether anki is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for anki CVEs against the assets you own.
Start Free Scan →