Vulnerabilities (CVE)

Filtered by vendor Mathjs Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-7743 1 Mathjs 1 Mathjs 2024-11-21 7.5 HIGH 7.3 HIGH
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
CVE-2017-1001002 1 Mathjs 1 Math.js 2024-11-21 7.5 HIGH 9.8 CRITICAL
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.