Veracode Vulnerability Database, entry VERACODE:46063
Published: Mar 28, 2024, 10:36 a.m.

URL Protocol Bypass

Source: Veracode Vulnerability Database (sca.analysiscenter.veracode.com)
Tags: url protocol bypass, katex library, blacklist mechanism, uppercase characters

CVSS v3.1 base score: 5.5 (Medium)
  Attack Vector: Network
  Attack Complexity: Low
  Privileges Required: Low
  User Interaction: Required
  Scope: Unchanged
  Confidentiality Impact: Low
  Integrity Impact: Low
  Availability Impact: Low
  Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score: 6.7 (Medium), confidence: Low
EPSS: 0.001 (Low), percentile: 25.9%

katex is vulnerable to URL Protocol Bypass. KaTeX's `trust` option lets an application decide whether to honour URL-taking commands such as \href and \url by passing a callback a context that includes the URL's protocol. The library did not normalise the protocol's case before handing it to that callback, so a trust function that blacklists a scheme with a case-sensitive comparison (for example `context => context.protocol !== 'javascript'`) accepts a URL written as `JavaScript:` or `JAVASCRIPT:`, and malicious input can place a `javascript:` link in the rendered HTML. Trust functions that allowlist expected protocols, or that lowercase `context.protocol` before comparing, are not bypassed this way; KaTeX 0.16.10 lowercases the protocol before it reaches the trust callback.

Affected versions: katex <= 0.16.9 (fixed in 0.16.10)
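The bypass and its fix, as an added example rather than KaTeX's own code: `protocolFromUrl` and `wouldEmitLink` are hypothetical stand-ins for how a renderer extracts the scheme and consults the `trust` callback; `trustBlacklist` is the case-sensitive blacklist pattern the advisory describes, and `trustAllowlist` is the hardened replacement (lowercase, then allowlist). The sample URLs are constructed for the demonstration.

```javascript
// Added example (not KaTeX's own code): models how a case-sensitive protocol
// blacklist in a `trust` callback is bypassed by "JavaScript:" and how a
// normalising allowlist closes the hole. `protocolFromUrl` and `wouldEmitLink`
// are hypothetical stand-ins for the renderer's behaviour.

// Extract the scheme the way a renderer would before consulting `trust`:
// skip leading control characters/spaces, take everything up to the first ':'
// that comes before any '/', '#' or '?'. URLs without a scheme are "_relative".
function protocolFromUrl(url) {
  const m = /^[\x00-\x20]*([^\\\/#?]*?):/.exec(url);
  return m ? m[1] : "_relative";
}

// Vulnerable trust callback: the pattern the advisory describes. The string
// comparison is case-sensitive, so "JavaScript" !== "javascript" and the
// malicious link is trusted.
function trustBlacklist(context) {
  return context.protocol !== "javascript";
}

// Hardened trust callback: normalise case, then accept only expected schemes.
// An allowlist also rejects schemes the blacklist never listed
// (vbscript:, data:, ...), the usual failure mode of blacklists.
const SAFE_PROTOCOLS = new Set(["http", "https", "mailto", "_relative"]);
function trustAllowlist(context) {
  return SAFE_PROTOCOLS.has(context.protocol.toLowerCase());
}

// Simulate the renderer's decision for \href{url}{text}: build the context a
// trust callback receives (command, url, protocol) and report whether the
// link would be emitted into the HTML output.
function wouldEmitLink(url, trust) {
  const context = { command: "\\href", url, protocol: protocolFromUrl(url) };
  return Boolean(trust(context));
}

// Constructed sample inputs: benign links plus the uppercase-scheme bypass.
const SAMPLE_URLS = [
  "https://example.com/",
  "/docs/intro.html",
  "javascript:alert(1)",
  "JavaScript:alert(1)",
  "  JAVASCRIPT:alert(1)",
  "vbscript:MsgBox(1)",
];

// Run every sample through a trust callback; returns {url: emitted?}.
function evaluate(trust) {
  const out = {};
  for (const url of SAMPLE_URLS) out[url] = wouldEmitLink(url, trust);
  return out;
}

// Inputs the blacklist trusts but the allowlist rejects: the two
// uppercase-scheme bypasses plus a scheme the blacklist never listed.
function bypassedUrls() {
  return SAMPLE_URLS.filter(
    (u) => wouldEmitLink(u, trustBlacklist) && !wouldEmitLink(u, trustAllowlist)
  );
}

if (typeof require !== "undefined" && typeof module !== "undefined" && require.main === module) {
  console.log("blacklist:", evaluate(trustBlacklist));
  console.log("allowlist:", evaluate(trustAllowlist));
  console.log("bypassed :", bypassedUrls());
}
```

Running it shows `javascript:alert(1)` blocked by both callbacks, while `JavaScript:alert(1)` and `  JAVASCRIPT:alert(1)` pass the blacklist and are stopped only by the allowlist. Even on a patched KaTeX, comparing a lowercased protocol against an allowlist is the safer shape for a `trust` function, since it does not depend on the library's normalisation.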
