EPSS
Percentile
64.7%
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
Upgrade to version 3.17.0 or later.
github.com/advisories/GHSA-pv8x-p9hq-j328
github.com/josdejong/mathjs/blob/master/HISTORY.md#2017-11-18-version-3170
github.com/josdejong/mathjs/commit/a60f3c8d9dd714244aed7a5569c3dccaa3a4e761
nvd.nist.gov/vuln/detail/CVE-2017-1001003
www.npmjs.com/advisories/551