Lucene search
K

5 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-0807

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00406EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-28246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's trust option, specifically that provides a function to blacklist certain...

5.5CVSS5.7AI score0.00406EPSS
Exploits0References2
CVE
CVE
added 2025/01/17 9:25 p.m.71 views

CVE-2025-23207

CVE-2025-23207 affects KaTeX, a JavaScript library for web math rendering. The vulnerability arises when untrusted expressions are rendered via renderToString, where malicious input using \htmlData can execute arbitrary JavaScript or produce invalid HTML. The public advisories recommend upgrading...

7.2CVSS6.4AI score0.00381EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/01/17 9:25 p.m.12 views

CVE-2025-23207 \htmlData does not validate attribute names in KaTeX

KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with renderToString could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade t...

6.3CVSS6.4AI score0.00381EPSS
Exploits0References4
OSV
OSV
added 2024/03/25 8:15 p.m.3 views

DEBIAN-CVE-2024-28245

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \includegraphics that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability...

6.1CVSS6.6AI score0.00406EPSS
Exploits0References1
Rows per page
Query Builder