Количество 4
Количество 4
CVE-2024-28245
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.
CVE-2024-28245
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.
CVE-2024-28245
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ...
GHSA-f98w-7cxr-ff2h
KaTeX's `\includegraphics` does not escape filename
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-28245 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability. | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
 | CVE-2024-28245 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability. | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
| CVE-2024-28245 KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX ... | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
| GHSA-f98w-7cxr-ff2h KaTeX's `\includegraphics` does not escape filename | CVSS3: 6.3 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу