CVE-2024-28245 KaTeX's \includegraphics does not escape filename

2024-03-2519:53:01

CWE-116

GitHub_M

www.cve.org

katex

security vulnerability

javascript execution

mathematical expressions

upgrade

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

9.0%

JSON

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \includegraphics that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.

CNA Affected

[
  {
    "vendor": "KaTeX",
    "product": "KaTeX",
    "versions": [
      {
        "version": ">= 0.11.0, < 0.6.10",
        "status": "affected"
      }
    ]
  }
]