1 line
No EOL
1.7 KiB
Text
1 line
No EOL
1.7 KiB
Text
{"source":1096808,"name":"katex","dependency":"katex","title":"KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocols","url":"https://github.com/advisories/GHSA-3wc5-fcw2-2329","severity":"moderate","versions":["0.1.0","0.1.1","0.2.0","0.3.0","0.4.0","0.4.3","0.5.0","0.5.1","0.6.0","0.7.0-pre","0.7.0","0.7.1","0.8.0","0.8.1","0.8.2","0.8.3","0.9.0-alpha","0.9.0-alpha1","0.9.0-alpha2","0.9.0-beta","0.9.0-beta1","0.9.0","0.10.0-alpha","0.10.0-beta","0.10.0-rc","0.10.0-rc.1","0.10.0","0.10.1","0.10.2","0.11.0","0.11.1","0.12.0","0.13.0","0.13.1","0.13.2","0.13.3","0.13.4","0.13.5","0.13.6","0.13.7","0.13.8","0.13.9","0.13.10","0.13.11","0.13.12","0.13.13","0.13.14","0.13.16","0.13.17","0.13.18","0.13.19","0.13.20","0.13.21","0.13.22","0.13.23","0.13.24","0.14.0","0.14.1","0.15.0","0.15.1","0.15.2","0.15.3","0.15.4","0.15.5","0.15.6","0.16.0","0.16.1","0.16.2","0.16.3","0.16.4","0.16.5","0.16.6","0.16.7","0.16.8","0.16.9","0.16.10","0.16.11","0.16.12","0.16.13","0.16.14","0.16.15","0.16.16","0.16.17","0.16.18","0.16.19","0.16.20","0.16.21","0.16.22"],"vulnerableVersions":["0.11.0","0.11.1","0.12.0","0.13.0","0.13.1","0.13.2","0.13.3","0.13.4","0.13.5","0.13.6","0.13.7","0.13.8","0.13.9","0.13.10","0.13.11","0.13.12","0.13.13","0.13.14","0.13.16","0.13.17","0.13.18","0.13.19","0.13.20","0.13.21","0.13.22","0.13.23","0.13.24","0.14.0","0.14.1","0.15.0","0.15.1","0.15.2","0.15.3","0.15.4","0.15.5","0.15.6","0.16.0","0.16.1","0.16.2","0.16.3","0.16.4","0.16.5","0.16.6","0.16.7","0.16.8","0.16.9"],"cwe":["CWE-184"],"cvss":{"score":5.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"},"range":">=0.11.0 <0.16.10","id":"pOJRv/9+uxLheRGmQ2EscPku6CPFRkp3ESvbK+MTsSDbutC/3ShKHF6G56sJ4U+7V+jSgQzBM6uEduM0aNKw9g=="} |