KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using `\includegraphics` that runs arbitrary JavaScript, or generate invalid HTML. Upgrade to KaTeX v0.16.10 to remove this vulnerability. https://github.com/KaTeX/KaTeX/commit/c5897fcd1f73da9612a53e6b5544f1d776e17770 https://github.com/KaTeX/KaTeX/security/advisories/GHSA-f98w-7cxr-ff2h
Created h3 tracking bugs for this issue: Affects: fedora-all [bug 2271604] Created marker tracking bugs for this issue: Affects: fedora-all [bug 2271605]