Description
KaTeX users who render untrusted mathematical expressions could encounter malicious input that uses \edef to trigger a near-infinite loop, even when maxExpand has been set to prevent such loops. This can be used as an availability attack, where e.g.
Recommendation
Update the katex package to the latest compatible version. Version details:
- Affected version(s): >= 0.10.0-beta, < 0.16.10
- Patched version(s): 0.16.10
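A version check that encodes the affected and patched ranges stated above, as an added example; it is not code from the KaTeX project or this advisory. It handles the pre-release lower bound properly (0.10.0-beta sorts before 0.10.0 under semver rules, so a 0.10.0-alpha install falls outside the range while 0.10.0-beta and every later release up to, but not including, 0.16.10 fall inside it). The default package.json path is the conventional npm location and is an assumption; the versions exercised at the bottom are constructed samples.

```javascript
// Added example (not KaTeX project code): decide whether an installed katex
// version falls inside the affected range stated in this advisory:
//   >= 0.10.0-beta, < 0.16.10   (patched: 0.16.10)
// Pre-release ordering follows semver: "0.10.0-beta" sorts before "0.10.0".

const AFFECTED_LOWER = "0.10.0-beta"; // inclusive lower bound
const PATCHED = "0.16.10";            // exclusive upper bound

// Parse "MAJOR.MINOR.PATCH[-prerelease]" into comparable parts.
function parseVersion(v) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?/.exec(v.trim());
  if (!m) throw new Error(`unparseable version: ${v}`);
  return {
    core: [Number(m[1]), Number(m[2]), Number(m[3])],
    pre: m[4] ? m[4].split(".") : null,
  };
}

// Compare one pre-release identifier: numeric ones sort before alphanumeric.
function cmpIdent(a, b) {
  const na = /^\d+$/.test(a), nb = /^\d+$/.test(b);
  if (na && nb) return Number(a) - Number(b);
  if (na) return -1;
  if (nb) return 1;
  return a < b ? -1 : a > b ? 1 : 0;
}

// Comparator: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  for (let i = 0; i < 3; i++) {
    if (x.core[i] !== y.core[i]) return x.core[i] - y.core[i];
  }
  if (!x.pre && !y.pre) return 0;
  if (!x.pre) return 1;   // a release outranks a pre-release of the same core
  if (!y.pre) return -1;
  const n = Math.min(x.pre.length, y.pre.length);
  for (let i = 0; i < n; i++) {
    const c = cmpIdent(x.pre[i], y.pre[i]);
    if (c !== 0) return c;
  }
  return x.pre.length - y.pre.length; // longer identifier list sorts later
}

// True when `version` lies in [0.10.0-beta, 0.16.10).
function isAffectedKatexVersion(version) {
  return compareVersions(version, AFFECTED_LOWER) >= 0 &&
         compareVersions(version, PATCHED) < 0;
}

// Read the installed version from package.json; the default path is the usual
// npm install location (assumption) and only matters when run for real.
function installedKatexVersion(pkgJsonPath = "node_modules/katex/package.json") {
  const fs = require("fs");
  return JSON.parse(fs.readFileSync(pkgJsonPath, "utf8")).version;
}

if (typeof require !== "undefined" && require.main === module) {
  // Constructed sample versions; no real install is needed to run this.
  for (const v of ["0.9.0", "0.10.0-alpha", "0.10.0-beta", "0.16.9", "0.16.10", "0.16.11"]) {
    console.log(v, isAffectedKatexVersion(v) ? "AFFECTED" : "ok");
  }
}
```

In a CI job, call installedKatexVersion() and fail the build when isAffectedKatexVersion() returns true; the comparator is deliberately strict about the pre-release boundary so that the beta that opened the affected range is not misclassified as safe.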
References
Related Issues
- KaTeX's maxExpand bypassed by Unicode sub/superscripts - CVE-2024-28244
- KaTeX's `\includegraphics` does not escape filename - CVE-2024-28245
- KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocols - CVE-2024-28246
- Vite's `server.fs.deny` is bypassed when using `?import&raw` - CVE-2024-45811
Tags:
- npm
- katex
Last updated on March 25, 2024