Mathjs: Security Vulnerabilities
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
CVSS Score
7.3
EPSS Score
0.017
Published
2020-10-13
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
CVSS Score
9.8
EPSS Score
0.01
Published
2017-11-27