CVE-2024-28246

EUVD-2024-0807
KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's `trust` option, specifically code that provides a function to blacklist certain URL protocols, can be fooled by URLs in malicious inputs that use uppercase characters in the protocol. In particular, this can allow malicious input to generate `javascript:` links in the output, even if the `trust` function tries to forbid this protocol via `trust: (context) => context.protocol !== 'javascript'`, because the comparison is case-sensitive. Upgrade to KaTeX v0.16.10 to remove this vulnerability.
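To make the advisory's point concrete, here is an added example that is not KaTeX's own code: the case-sensitive `trust` callback quoted above beside a hardened callback that lower-cases the protocol and checks it against an allow-list. `extractProtocol`, `evaluate` and the shape of `context` are assumptions standing in for KaTeX's own URL handling.

```javascript
// Hypothetical stand-in for KaTeX's URL parsing: returns the scheme of a URL
// (RFC 3986 grammar: ALPHA *( ALPHA / DIGIT / "+" / "-" / "." ) ":"),
// or null when the URL has no explicit scheme (a relative link).
function extractProtocol(url) {
  const m = /^([a-zA-Z][a-zA-Z0-9+.-]*):/.exec(url.trim());
  return m ? m[1] : null;
}

// Vulnerable check, as quoted in the advisory: compares the raw scheme
// string, so any scheme that differs only in letter case slips through.
const trustCaseSensitive = (context) => context.protocol !== 'javascript';

// Hardened check: normalize case first, then accept only known-safe schemes.
// An allow-list avoids having to enumerate every dangerous scheme.
const SAFE_PROTOCOLS = ['http', 'https', 'mailto'];
const trustNormalized = (context) => {
  if (context.protocol === null) return true; // relative URL, same origin
  return SAFE_PROTOCOLS.includes(context.protocol.toLowerCase());
};

// Builds a trust context (assumed shape) for a URL and runs a callback on it.
function evaluate(url, trust) {
  return trust({ command: '\\href', url, protocol: extractProtocol(url) });
}
```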
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | Primary | 5.5 MEDIUM | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
GitHub_M | CNA | 5.5 MEDIUM | NETWORK | LOW | LOW | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Base Score: CVSS 3.x
EPSS Score Percentile: 17%
Affected Products (NVD)
Vendor | Product | Version
katex | katex | 0.11.0 ≤ x < 0.16.10
(x = vulnerable software versions)
Debian Releases
Debian Product | Codename | Version | Status
node-katex | bookworm | - | no-dsa
node-katex | bullseye | - | no-dsa
node-katex | forky | 0.16.10+~cs6.1.0-2 | fixed
node-katex | sid | 0.16.10+~cs6.1.0-2 | fixed
node-katex | trixie | 0.16.10+~cs6.1.0-2 | fixed
Ubuntu Releases
Ubuntu Product | Codename | Version | Status
node-katex | bionic | - | not-affected
node-katex | focal | - | not-affected
node-katex | jammy | 0.13.11+~cs6.0.0-2ubuntu0.1~esm1 (fixed) | released
node-katex | mantic | - | ignored
node-katex | noble | - | not-affected
node-katex | oracular | - | not-affected
node-katex | plucky | - | not-affected
node-katex | questing | - | not-affected