6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-39663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and...
CVE-2023-39663
creationtimestamp| type| source ---|---|--- 2023-08-30 00:17:49+00:00| seen| https://t.me/cibsecurity/69393...
@4qwerty7/mathjax-node-page (>=3.2.0 <=3.2.1), @4qwerty7/syzoj-renderer (>=1.0.7 <=1.2.1) +140 more potentially affected by CVE-2023-39663 via mathjax (>=2.6.1 <=2.7.9)
mathjax NPM version =2.6.1, =3.2.0, =1.0.7, =1.0.0, =1.0.0, =2.0.0, =1.0.36, =1.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =0.4.0, =0.1.1, =0.1.8 and more Source cves: CVE-2023-39663 Source advisory: OSV:GHSA-V638-Q856-GRG8...
CVE-2023-39663
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk...
CVE-2023-39663
CVE-2023-39663 affects MathJax up to v2.7.9. The issue is two Regular Expression Denial of Service (ReDoS) flaws in MathJax.js triggered via the components pattern and markdownPattern. The vendor disputes the risk on the basis that the regexes aren’t applied to user input. Documented impact from ...
CVE-2023-39663
Removed by vendor...