Описание
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | not a vulnerability |
| esm-apps/bionic | ignored | not a vulnerability |
| esm-apps/focal | ignored | not a vulnerability |
| esm-apps/xenial | ignored | not a vulnerability |
| esm-infra-legacy/trusty | ignored | not a vulnerability |
| focal | ignored | end of standard support, was ignored [not a vulnerability] |
| jammy | ignored | not a vulnerability |
| lunar | ignored | end of life, was ignored [not a vulnerability] |
| trusty | ignored | end of standard support |
Показывать по
7.5 High
CVSS3
Связанные уязвимости
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service (ReDoS) vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk.
Mathjax up to v2.7.9 was discovered to contain two Regular expression ...
MathJax Regular expression Denial of Service (ReDoS)
7.5 High
CVSS3