org.webjars.npm:katex 0.16.4 vulnerabilities

Known vulnerabilities in the org.webjars.npm:katex package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Unchecked Input for Loop Condition org.webjars.npm:katex is a Fast math typesetting for the web. Affected versions of this package are vulnerable to Unchecked Input for Loop Condition when handling `\def` or `\newcommand` in conjunction with Unicode sub/superscripts. An attacker can cause a near-infinite loop, leading to memory overflow, tying up the main thread, or stack overflow, by exploiting the `maxExpand` option which fails to limit macro executions effectively. Note: This vulnerability is particularly concerning when rendering untrusted mathematical expressions, as it can be used for an availability attack, rendering the service unusable. How to fix Unchecked Input for Loop Condition? Upgrade `org.webjars.npm:katex` to version 0.16.10 or higher.	[,0.16.10)
M Unchecked Input for Loop Condition org.webjars.npm:katex is a Fast math typesetting for the web. Affected versions of this package are vulnerable to Unchecked Input for Loop Condition when handling `\edef` commands. An attacker can cause a near-infinite loop, leading to memory overflow, tying up the main thread, or stack overflow by crafting malicious input using `\edef` that bypasses the `maxExpand` setting designed to prevent such issues. Note: This vulnerability is particularly concerning for users who render untrusted mathematical expressions, as it can be exploited to perform an availability attack, rendering the service unusable. How to fix Unchecked Input for Loop Condition? Upgrade `org.webjars.npm:katex` to version 0.16.10 or higher.	[,0.16.10)
M Incomplete List of Disallowed Inputs org.webjars.npm:katex is a Fast math typesetting for the web. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs due to the `trust` option. Specifically, the functionality that provides a function to blacklist certain URL protocols, can be bypassed by URLs in malicious inputs that utilize uppercase characters in the protocol. This can allow for the generation of `javascript:` links in the output, even when the `trust` function is designed to forbid this protocol. How to fix Incomplete List of Disallowed Inputs? Upgrade `org.webjars.npm:katex` to version 0.16.10 or higher.	[,0.16.10)
M Improper Encoding or Escaping of Output org.webjars.npm:katex is a Fast math typesetting for the web. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output when handling the `\includegraphics` command. An attacker can execute arbitrary JavaScript or generate invalid HTML by exploiting the lack of proper filename escaping in the `\includegraphics` command. Note: This is only exploitable if the `trust` option is enabled or not properly configured to restrict the `\includegraphics` commands. How to fix Improper Encoding or Escaping of Output? Upgrade `org.webjars.npm:katex` to version 0.16.10 or higher.	[,0.16.10)

Vulnerability

Vulnerable Version

Unchecked Input for Loop Condition

org.webjars.npm:katex is a Fast math typesetting for the web.

Affected versions of this package are vulnerable to Unchecked Input for Loop Condition when handling \def or \newcommand in conjunction with Unicode sub/superscripts. An attacker can cause a near-infinite loop, leading to memory overflow, tying up the main thread, or stack overflow, by exploiting the maxExpand option which fails to limit macro executions effectively.

Note:

This vulnerability is particularly concerning when rendering untrusted mathematical expressions, as it can be used for an availability attack, rendering the service unusable.

How to fix Unchecked Input for Loop Condition?

Upgrade org.webjars.npm:katex to version 0.16.10 or higher.

[,0.16.10)

Unchecked Input for Loop Condition

org.webjars.npm:katex is a Fast math typesetting for the web.

Affected versions of this package are vulnerable to Unchecked Input for Loop Condition when handling \edef commands. An attacker can cause a near-infinite loop, leading to memory overflow, tying up the main thread, or stack overflow by crafting malicious input using \edef that bypasses the maxExpand setting designed to prevent such issues.

Note:

This vulnerability is particularly concerning for users who render untrusted mathematical expressions, as it can be exploited to perform an availability attack, rendering the service unusable.

How to fix Unchecked Input for Loop Condition?

Upgrade org.webjars.npm:katex to version 0.16.10 or higher.

[,0.16.10)

Incomplete List of Disallowed Inputs

org.webjars.npm:katex is a Fast math typesetting for the web.

Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs due to the trust option. Specifically, the functionality that provides a function to blacklist certain URL protocols, can be bypassed by URLs in malicious inputs that utilize uppercase characters in the protocol. This can allow for the generation of javascript: links in the output, even when the trust function is designed to forbid this protocol.

How to fix Incomplete List of Disallowed Inputs?

Upgrade org.webjars.npm:katex to version 0.16.10 or higher.

[,0.16.10)

Improper Encoding or Escaping of Output

org.webjars.npm:katex is a Fast math typesetting for the web.

Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output when handling the \includegraphics command. An attacker can execute arbitrary JavaScript or generate invalid HTML by exploiting the lack of proper filename escaping in the \includegraphics command.

Note:

This is only exploitable if the trust option is enabled or not properly configured to restrict the \includegraphics commands.

How to fix Improper Encoding or Escaping of Output?

Upgrade org.webjars.npm:katex to version 0.16.10 or higher.

[,0.16.10)

org.webjars.npm:katex@0.16.4 vulnerabilities

latest version

latest non vulnerable version

first published

latest version published

licenses detected

package manager

Direct Vulnerabilities

How to fix?