KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-25T19:53:01.320Z
Updated: 2024-08-02T00:48:49.569Z
Reserved: 2024-03-07T14:33:30.036Z
Link: CVE-2024-28245
Vulnrichment
Updated: 2024-08-01T15:39:47.585Z
NVD
Status : Awaiting Analysis
Published: 2024-03-25T20:15:08.370
Modified: 2024-11-21T09:06:05.163
Link: CVE-2024-28245
Redhat
No data.