Unknown · Polyfill.Io · CVE-2024-38526
**Name of the Vulnerable Software and Affected Versions**
pdoc versions prior to 14.5.1
**Description**
Documentation generated with `pdoc --math` links to JavaScript files served from polyfill.io. The polyfill.io CDN has been sold and now serves malicious code, which turns these links into a supply chain attack and allows malicious code execution. Users who produce documentation with math mode are affected.
**Recommendations**
If you are running a version prior to 14.5.1, update to version 14.5.1 to resolve the issue. As a temporary workaround until the update is applied, consider avoiding the `--math` option when generating documentation with pdoc.
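
To check whether HTML documentation that has already been generated references polyfill.io, the following added example (not part of the advisory or of pdoc) scans `*.html` files for `<script src>` URLs on that domain, matching on the parsed hostname so that lookalike hosts are not flagged. The function names and the sample page with its URLs are constructed for illustration.

```python
import sys
from html.parser import HTMLParser
from pathlib import Path
from urllib.parse import urlsplit

BLOCKED_DOMAIN = "polyfill.io"  # the CDN domain named in the advisory

def is_blocked(url):
    """True if the URL's host is polyfill.io or one of its subdomains."""
    try:
        host = (urlsplit(url.strip()).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL, e.g. unbalanced IPv6 brackets
        return False
    return host == BLOCKED_DOMAIN or host.endswith("." + BLOCKED_DOMAIN)

class ScriptSrcFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []  # (line number, src URL) per flagged <script> tag
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            for name, value in attrs:
                if name == "src" and value and is_blocked(value):
                    self.hits.append((self.getpos()[0], value))

def scan_html(text):
    finder = ScriptSrcFinder()
    finder.feed(text)
    finder.close()
    return finder.hits

def scan_tree(root):
    """Scan every *.html file under root; returns (path, line, url) tuples."""
    return [(str(p), n, u) for p in sorted(Path(root).rglob("*.html"))
            for n, u in scan_html(p.read_text(encoding="utf-8", errors="replace"))]

# Constructed sample page (not real pdoc output): two hits, two non-hits.
SAMPLE = """<html><head>
<script src="https://polyfill.io/v3/polyfill.min.js?features=es6"></script>
<script src="https://cdn.example.org/mathjax/tex-mml-chtml.js"></script>
<script src="//CDN.Polyfill.io/v3/polyfill.min.js"></script>
<script src="https://polyfill.io.example.net/x.js"></script>
</head><body></body></html>
"""

if __name__ == "__main__":  # usage: python scan.py <docs-dir>; exits 1 on findings
    found = scan_tree(sys.argv[1] if len(sys.argv) > 1 else ".")
    print("\n".join(f"{p}:{n}: {u}" for p, n, u in found))
    sys.exit(1 if found else 0)
```

The non-zero exit status on findings lets the script act as a gate in a documentation build or publishing job.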