Lookup for vulnerable packages by Package URL.

Purl pkg:npm/katex@0.16.14
Type npm
Namespace
Name katex
Version 0.16.14
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 0.16.21
Latest_non_vulnerable_version 0.16.21
Affected_by_vulnerabilities
0
url VCID-npmc-q6zw-j7de
vulnerability_id VCID-npmc-q6zw-j7de
summary KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\htmlData` commands, forbid inputs containing the substring `"\\htmlData"` and sanitize HTML output from KaTeX.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23207.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-23207.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-23207
reference_id
reference_type
scores
0
value 0.00051
scoring_system epss
scoring_elements 0.16605
published_at 2026-06-14T12:55:00Z
1
value 0.00051
scoring_system epss
scoring_elements 0.16622
published_at 2026-06-12T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.16477
published_at 2026-06-11T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.16633
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-23207
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23207
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-23207
3
reference_url https://github.com/KaTeX/KaTeX
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/KaTeX/KaTeX
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-23207
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-23207
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093446
reference_id 1093446
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093446
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2338681
reference_id 2338681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2338681
7
reference_url https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c
reference_id ff289955e81aab89086eef09254cbf88573d415c
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-17T21:32:10Z/
url https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c
8
reference_url https://github.com/advisories/GHSA-cg87-wmx4-v546
reference_id GHSA-cg87-wmx4-v546
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cg87-wmx4-v546
9
reference_url https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546
reference_id GHSA-cg87-wmx4-v546
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-17T21:32:10Z/
url https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546
10
reference_url https://access.redhat.com/errata/RHSA-2025:2753
reference_id RHSA-2025:2753
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:2753
11
reference_url https://usn.ubuntu.com/7572-1/
reference_id USN-7572-1
reference_type
scores
url https://usn.ubuntu.com/7572-1/
fixed_packages
0
url pkg:npm/katex@0.16.21
purl pkg:npm/katex@0.16.21
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.21
aliases CVE-2025-23207, GHSA-cg87-wmx4-v546
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npmc-q6zw-j7de
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.14