4 matches found
MathJax Regular expression Denial of Service (ReDoS)
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk...
CVE-2023-39663
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk...
CVE-2023-39663
Mathjax up to v2.7.9 was discovered to contain two Regular expression Denial of Service ReDoS vulnerabilities in MathJax.js via the components pattern and markdownPattern. NOTE: the vendor disputes this because the regular expressions are not applied to user input; thus, there is no risk...
CVE-2023-39663
CVE-2023-39663 affects MathJax up to v2.7.9. The issue is two Regular Expression Denial of Service (ReDoS) flaws in MathJax.js triggered via the components pattern and markdownPattern. The vendor disputes the risk on the basis that the regexes aren’t applied to user input. Documented impact from ...