Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package katex, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2024-28243 — CVSS 6.5 (medium): KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter…
CVE-2024-28244 — CVSS 6.5 (medium): KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter…
CVE-2024-28245 — CVSS 6.3 (medium): KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter…
CVE-2025-23207 — CVSS 6.3 (medium): KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical…
CVE-2024-28246 — CVSS 5.5 (medium): KaTeX is a JavaScript library for TeX math rendering on the web. Code that uses KaTeX's `trust` option, specifically that provides a…