[Git][security-tracker-team/security-tracker][master] Add new node-katex issues

Mon, 25 Mar 2024 14:02:00 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8faf7519 by Salvatore Bonaccorso at 2024-03-25T21:59:52+01:00
Add new node-katex issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -52,13 +52,21 @@ CVE-2024-28387 (An issue in axonaut v.3.1.23 and before 
allows a remote attacker
 CVE-2024-28386 (An issue in Home-Made.io fastmagsync v.1.7.51 and before 
allows a remo ...)
        NOT-FOR-US: PrestaShop module
 CVE-2024-28246 (KaTeX is a JavaScript library for TeX math rendering on the 
web. Code  ...)
-       TODO: check
+       - node-katex <unfixed>
+       NOTE: 
https://github.com/KaTeX/KaTeX/security/advisories/GHSA-3wc5-fcw2-2329
+       NOTE: 
https://github.com/KaTeX/KaTeX/commit/fc5af64183a3ceb9be9d1c23a275999a728593de 
(v0.16.10)
 CVE-2024-28245 (KaTeX is a JavaScript library for TeX math rendering on the 
web. KaTeX ...)
-       TODO: check
+       - node-katex <unfixed>
+       NOTE: 
https://github.com/KaTeX/KaTeX/security/advisories/GHSA-f98w-7cxr-ff2h
+       NOTE: 
https://github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770 
(v0.16.10)
 CVE-2024-28244 (KaTeX is a JavaScript library for TeX math rendering on the 
web. KaTeX ...)
-       TODO: check
+       - node-katex <unfixed>
+       NOTE: 
https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cvr6-37gx-v8wc
+       NOTE: 
https://github.com/KaTeX/KaTeX/commit/085e21b5da05414efefa932570e7201a7c70e5b2 
(v0.16.10)
 CVE-2024-28243 (KaTeX is a JavaScript library for TeX math rendering on the 
web. KaTeX ...)
-       TODO: check
+       - node-katex <unfixed>
+       NOTE: 
https://github.com/KaTeX/KaTeX/security/advisories/GHSA-64fm-8hw2-v72w
+       NOTE: 
https://github.com/KaTeX/KaTeX/commit/e88b4c357f978b1bca8edfe3297f0aa309bcbe34 
(v0.16.10)
 CVE-2024-28183 (ESP-IDF is the development framework for Espressif SoCs 
supported on W ...)
        TODO: check
 CVE-2024-28108 (phpMyFAQ is an open source FAQ web application for PHP 8.1+ 
and MySQL, ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8faf7519187a34662cb5a0fc93632dd34999e081

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8faf7519187a34662cb5a0fc93632dd34999e081
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to