CVE-2017-1001003

Published: Nov 27, 2017

Modified: Sep 17, 2024

PUBLISHED

Description

math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.

Vendor	Product	Versions
math.js	math.js	affected `3.17.0`

Weaknesses (CWE)

CWE-88

References

https://github.com/josdejong/mathjs/blob/master/HISTORY.md#2017-11-18-version-3170

x_refsource_CONFIRM

https://github.com/josdejong/mathjs/commit/a60f3c8d9dd714244aed7a5569c3dccaa3a4e761

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-1001003

Description

Affected Products

Weaknesses (CWE)

References