Lucene search
GoogleOSV:CVE-2020-7743HistoryOct 13, 2020 - 10:15 a.m.
CVE-2020-7743
2020-10-1310:15:13
Google
osv.dev
7
mathjs
prototype pollution
configuration updates
software
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
References
github.com/josdejong/mathjs/blob/develop/src/utils/object.js%23L82
github.com/josdejong/mathjs/commit/ecb80514e80bce4e6ec7e71db8ff79954f07c57e
snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1017113
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1017112
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1017111
snyk.io/vuln/SNYK-JS-MATHJS-1016401
Related
cve
cve
CVE-2020-7743
2020-10-13 10:15:13
redhatcve
redhatcve
CVE-2020-7743
2020-10-13 20:20:23
veracode
veracode
Prototype Pollution
2020-10-14 02:24:54
osv
osv
Prototype Pollution in mathjs
2021-05-10 18:39:04
cvelist
cvelist
CVE-2020-7743 Prototype Pollution
2020-10-13 09:15:16
nvd
nvd
CVE-2020-7743
2020-10-13 10:15:13
github
github
Prototype Pollution in mathjs
2021-05-10 18:39:04
nodejs
nodejs
Prototype Pollution
2021-05-10 18:40:30
prion
prion
Default configuration
2020-10-13 10:15:00
redhat
redhat