Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown
CVE-2020-7743
Disclosure Date: October 13, 2020 (last updated February 22, 2025)
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
0
Attacker Value
Unknown
CVE-2017-1001002
Disclosure Date: November 27, 2017 (last updated November 08, 2023)
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
0
Attacker Value
Unknown
CVE-2017-1001003
Disclosure Date: November 27, 2017 (last updated November 08, 2023)
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
0
