Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
KaTeX's maxExpand bypassed by Unicode sub/superscripts
Vulnerability Description
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\def` or `\newcommand` that causes a near-infinite loop, despite setting `maxExpand` to avoid such loops. KaTeX supports an option named maxExpand which aims to prevent infinitely recursive macros from consuming all available memory and/or triggering a stack overflow error. Unfortunately, support for "Unicode (sub|super)script characters" allows an attacker to bypass this limit. Each sub/superscript group instantiated a separate Parser with its own limit on macro executions, without inheriting the current count of macro executions from its parent. This has been corrected in KaTeX v0.16.10.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未经控制的递归
Vulnerability Title
KaTeX 安全漏洞
Vulnerability Description
KaTeX是一个快速、易于使用的 JavaScript 库,用于在网络上进行 TeX 数学渲染。 KaTeX v0.16.10 版本之前存在安全漏洞,该漏洞源于呈现不受信任的数学表达式的 KaTeX 用户可能会遇到使用 def 或 ewcommand 的恶意输入,可能导致近乎无限的循环。
CVSS Information
N/A
Vulnerability Type
N/A