CVE-2024-28244 KaTeX's maxExpand bypassed by Unicode sub/superscripts

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. KaTeX supports an option named...

CVE-2024-28244 KaTeX's maxExpand bypassed by Unicode sub/superscripts

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. KaTeX supports an option named...

CVE-2024-28244

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. KaTeX supports an option named...

CVE-2024-28243 KaTeX's maxExpand bypassed by \edef

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...

CVE-2024-28243 KaTeX's maxExpand bypassed by \edef

KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \edef that causes a near-infinite loop, despite setting maxExpand to avoid such loops. This can be used as an availability attack, where...

WordPress Rank Math SEO Plugin <= 1.0.214 is vulnerable to Cross Site Scripting (XSS)

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.214 Fixed in 1.0.215 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2536 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f1189e63f4f4 Credits Ngô Thiên An ancorn...

Rank Math SEO with AI SEO Tools < 1.0.215 - Contributor+ Stored XSS

Description The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HowTo block attributes in all versions up to, and including, 1.0.214 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

Fedora: Security Advisory for apache-commons-math (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: apache-commons-math-3.6.1-18.fc40

Commons Math is a library of lightweight, self-contained mathematics and statistics components addressing the most common problems not available in the Java programming language or Commons Lang...

BIT-GOLANG-2021-33198

In Go before 1.15.13 and 1.16.x before 1.16.5, there can be a panic for a large exponent to the math/big.Rat SetString or UnmarshalText method...

BIT-GOLANG-2022-23772

Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17.7 has an overflow that can lead to Uncontrolled Memory Consumption...

BIT-GOLANG-2022-32189 Panic when decoding Float and Rat types in math/big

A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service...

BIT-GOLANG-2023-45287 Before Go 1.20, the RSA based key exchange methods in crypto/tls may exhibit a timing side channel

Before Go 1.20, the RSA based TLS key exchanges used the math/big library, which is not constant time. RSA blinding was applied to prevent timing attacks, but analysis shows this may not have been fully effective. In particular it appears as if the removal of PKCS1 padding may leak timing...

gn-math-utopia-v2 (>=1.1.0 <=1.1.2), proxeasyjs (>=0.1.0 <=1.0.1) potentially affected by CVE-2024-27922 via @tomphttp/bare-server-node (=1.2.6)

@tomphttp/bare-server-node NPM version =1.2.6 is affected by a known vulnerability. The following packages have a transitive dependency on @tomphttp/bare-server-node and may be impacted: - gn-math-utopia-v2 =1.1.0, =0.1.0, =1.0.1 Source cves: CVE-2024-27922 Source advisory: OSV:GHSA-86FC-F9GR-V53...

Denial Of Service (DoS)

phpseclib/phpseclib is vulnerable to a Denial Of Service DoS. The vulnerability is due to a flaw in handling malformed certificates in the phpseclib/Math/BigInteger.php file by using the method isPrime. It allows an attacker to trigger excessive CPU consumption during the isPrime primality check...

pillow: Arbitrary Code Execution via the environment parameter

A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...

pillow: Arbitrary Code Execution via the environment parameter

A vulnerability was found in Pillow, a popular Python imaging library. The flaw identified in the PIL.ImageMath.eval function enables arbitrary code execution by manipulating the environment parameter...

CVE-2021-46915

A denial of service flaw was found in nftlimitinit in netfilter's nftlimit in the Linux Kernel. This issue occurs due to an inappropriate math function selection, which may cause an availability threat...

CVE-2021-46915 netfilter: nft_limit: avoid possible divide error in nft_limit_init

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: avoid possible divide error in nftlimitinit divu64 divides u64 by u32. nftlimitinit wants to divide u64 by u64, use the appropriate math function div64u64 divide error: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 83...

CVE-2021-46915 netfilter: nft_limit: avoid possible divide error in nft_limit_init

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: avoid possible divide error in nftlimitinit divu64 divides u64 by u32. nftlimitinit wants to divide u64 by u64, use the appropriate math function div64u64 divide error: 0000 1 PREEMPT SMP KASAN CPU: 1 PID: 83...