8 matches found
TencentOS Server 4: mathjax (TSSA-2025:0638)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0638 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2018-0212
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2023-39663
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and...
Moodle 5.x < 5.0.1 Reflected Cross-Site Scripting
According to its self-reported version, the Moodle install hosted on the remote host is 5.x prior to 5.0.1 . It is, therefore, affected by a Reflected XSS in MathJax. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version numbe...
@4qwerty7/mathjax-node-page (>=3.2.0 <=3.2.1), @4qwerty7/syzoj-renderer (>=1.0.7 <=1.2.1) +139 more potentially affected by CVE-2023-39663 via mathjax (>=2.6.1 <=2.7.9)
mathjax NPM version =2.6.1, =3.2.0, =1.0.7, =1.0.0, =1.0.0, =2.0.0, =1.0.36, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =0.4.0, =0.1.1, =0.0.1, =0.0.13 and more Source cves: CVE-2023-39663 Source advisory: OSV:GHSA-V638-Q856-GRG8...
MathJax 安全漏洞
MathJax is an open source JavaScript display engine for LaTeX, MathML and AsciiMath representations for all modern browsers. A security vulnerability exists in MathJax version v2.7.9 and earlier. An attacker could exploit this vulnerability to conduct a regular expression denial of service attack...
PT-2023-27062 · Mathjax · Mathjax
Name of the Vulnerable Software and Affected Versions: Mathjax versions up to v2.7.9 Description: The issue concerns two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and markdownPattern. However, the vendor disputes this, stating that the...
AZL-41294 CVE-2018-1999024 affecting package numpy for versions less than 1.26.3-4
MathJax version prior to version 2.7.4 contains a Cross Site Scripting XSS vulnerability in the \unicode macro that can result in Potentially untrusted Javascript running within a web browser. This attack appear to be exploitable via The victim must view a page where untrusted content is processe...