Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-1uvx-5hp6-5bgk

Summary KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability.

Aliases

alias	CVE-2024-28245

alias	GHSA-f98w-7cxr-ff2h

Fixed_packages

url pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-2

purl pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-npmc-q6zw-j7de

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.10%252B~cs6.1.0-2

url	pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-1?distro=trixie
purl	pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.10%252B~cs6.1.0-1%3Fdistro=trixie

url pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-2?distro=trixie

purl pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-npmc-q6zw-j7de

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.10%252B~cs6.1.0-2%3Fdistro=trixie

url	pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-7?distro=trixie
purl	pkg:deb/debian/node-katex@0.16.10%2B~cs6.1.0-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.10%252B~cs6.1.0-7%3Fdistro=trixie

url pkg:npm/katex@0.16.10

purl pkg:npm/katex@0.16.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-npmc-q6zw-j7de

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.10

Affected_packages

url pkg:deb/debian/node-katex@0.10.2%2Bdfsg-8

purl pkg:deb/debian/node-katex@0.10.2%2Bdfsg-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.10.2%252Bdfsg-8

url pkg:deb/debian/node-katex@0.16.4%2B~cs6.1.0-1

purl pkg:deb/debian/node-katex@0.16.4%2B~cs6.1.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.4%252B~cs6.1.0-1

url pkg:deb/debian/node-katex@0.10.2%2Bdfsg-8?distro=trixie

purl pkg:deb/debian/node-katex@0.10.2%2Bdfsg-8?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.10.2%252Bdfsg-8%3Fdistro=trixie

url pkg:deb/debian/node-katex@0.16.4%2B~cs6.1.0-1?distro=trixie

purl pkg:deb/debian/node-katex@0.16.4%2B~cs6.1.0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/node-katex@0.16.4%252B~cs6.1.0-1%3Fdistro=trixie

url pkg:npm/katex@0.11.0

purl pkg:npm/katex@0.11.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.11.0

url pkg:npm/katex@0.11.1

purl pkg:npm/katex@0.11.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.11.1

url pkg:npm/katex@0.12.0

purl pkg:npm/katex@0.12.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.12.0

url pkg:npm/katex@0.13.0

purl pkg:npm/katex@0.13.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.0

url pkg:npm/katex@0.13.1

purl pkg:npm/katex@0.13.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.1

url pkg:npm/katex@0.13.2

purl pkg:npm/katex@0.13.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.2

url pkg:npm/katex@0.13.3

purl pkg:npm/katex@0.13.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.3

url pkg:npm/katex@0.13.4

purl pkg:npm/katex@0.13.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.4

url pkg:npm/katex@0.13.5

purl pkg:npm/katex@0.13.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.5

url pkg:npm/katex@0.13.6

purl pkg:npm/katex@0.13.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.6

url pkg:npm/katex@0.13.7

purl pkg:npm/katex@0.13.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.7

url pkg:npm/katex@0.13.8

purl pkg:npm/katex@0.13.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.8

url pkg:npm/katex@0.13.9

purl pkg:npm/katex@0.13.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.9

url pkg:npm/katex@0.13.10

purl pkg:npm/katex@0.13.10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.10

url pkg:npm/katex@0.13.11

purl pkg:npm/katex@0.13.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.11

url pkg:npm/katex@0.13.12

purl pkg:npm/katex@0.13.12

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.12

url pkg:npm/katex@0.13.13

purl pkg:npm/katex@0.13.13

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.13

url pkg:npm/katex@0.13.14

purl pkg:npm/katex@0.13.14

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.14

url pkg:npm/katex@0.13.16

purl pkg:npm/katex@0.13.16

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.16

url pkg:npm/katex@0.13.17

purl pkg:npm/katex@0.13.17

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.17

url pkg:npm/katex@0.13.18

purl pkg:npm/katex@0.13.18

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.18

url pkg:npm/katex@0.13.19

purl pkg:npm/katex@0.13.19

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.19

url pkg:npm/katex@0.13.20

purl pkg:npm/katex@0.13.20

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.20

url pkg:npm/katex@0.13.21

purl pkg:npm/katex@0.13.21

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.21

url pkg:npm/katex@0.13.22

purl pkg:npm/katex@0.13.22

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.22

url pkg:npm/katex@0.13.23

purl pkg:npm/katex@0.13.23

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.23

url pkg:npm/katex@0.13.24

purl pkg:npm/katex@0.13.24

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.13.24

url pkg:npm/katex@0.14.0

purl pkg:npm/katex@0.14.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.14.0

url pkg:npm/katex@0.14.1

purl pkg:npm/katex@0.14.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.14.1

url pkg:npm/katex@0.15.0

purl pkg:npm/katex@0.15.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.0

url pkg:npm/katex@0.15.1

purl pkg:npm/katex@0.15.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.1

url pkg:npm/katex@0.15.2

purl pkg:npm/katex@0.15.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.2

url pkg:npm/katex@0.15.3

purl pkg:npm/katex@0.15.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.3

url pkg:npm/katex@0.15.4

purl pkg:npm/katex@0.15.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.4

url pkg:npm/katex@0.15.5

purl pkg:npm/katex@0.15.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.5

url pkg:npm/katex@0.15.6

purl pkg:npm/katex@0.15.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.15.6

url pkg:npm/katex@0.16.0

purl pkg:npm/katex@0.16.0

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.0

url pkg:npm/katex@0.16.1

purl pkg:npm/katex@0.16.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.1

url pkg:npm/katex@0.16.2

purl pkg:npm/katex@0.16.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.2

url pkg:npm/katex@0.16.3

purl pkg:npm/katex@0.16.3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.3

url pkg:npm/katex@0.16.4

purl pkg:npm/katex@0.16.4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.4

url pkg:npm/katex@0.16.5

purl pkg:npm/katex@0.16.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.5

url pkg:npm/katex@0.16.6

purl pkg:npm/katex@0.16.6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.6

url pkg:npm/katex@0.16.7

purl pkg:npm/katex@0.16.7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.7

url pkg:npm/katex@0.16.8

purl pkg:npm/katex@0.16.8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.8

url pkg:npm/katex@0.16.9

purl pkg:npm/katex@0.16.9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1uvx-5hp6-5bgk

vulnerability	VCID-j9km-s26z-ekc7

vulnerability	VCID-jft4-ny5y-auca

vulnerability	VCID-npmc-q6zw-j7de

vulnerability	VCID-yr9t-mmfr-rub1

resource_url http://public2.vulnerablecode.io/packages/pkg:npm/katex@0.16.9

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-28245

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15493
published_at	2026-06-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-28245

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28245
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28245

reference_url

https://github.com/KaTeX/KaTeX

reference_id

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/KaTeX/KaTeX

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067805
reference_id	1067805
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067805

reference_url

https://github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770

reference_id

c5897fcd1f73da9612a53e6b5544f1d776e17770

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-26T19:26:52Z/

url

https://github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-28245

reference_id

CVE-2024-28245

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-28245

reference_url

https://github.com/advisories/GHSA-f98w-7cxr-ff2h

reference_id

GHSA-f98w-7cxr-ff2h

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-f98w-7cxr-ff2h

reference_url

https://github.com/KaTeX/KaTeX/security/advisories/GHSA-f98w-7cxr-ff2h

reference_id

GHSA-f98w-7cxr-ff2h

reference_type

scores

value	6.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-03-26T19:26:52Z/

url

https://github.com/KaTeX/KaTeX/security/advisories/GHSA-f98w-7cxr-ff2h

reference_url	https://usn.ubuntu.com/7572-1/
reference_id	USN-7572-1
reference_type
scores
url	https://usn.ubuntu.com/7572-1/

Weaknesses

cwe_id	116
name	Improper Encoding or Escaping of Output
description	The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1uvx-5hp6-5bgk

Vulnerability Instance