10 matches found
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...
CVE-2026-40897
Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the math...
CVE-2026-40897 Math.js: Unsafe object property setter in mathjs
Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the math...
CVE-2026-40897
Math.js vulnerable versions 13.1.1 up to
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...
EUVD-2021-1224
Malware in sbrugna...
2d-topopt (=0.1.0), 2d-transformation-solver (>=0.1.1 <=0.2.0) +2968 more potentially affected by CVE-2020-7743 via mathjs (>=0.10.0 <=7.5.0)
mathjs NPM version =0.10.0, =0.1.1, =1.0.0, =0.0.1, =0.0.2, =3.1.3, =2.6.0, =0.9.0, =1.0.0, =1.0.0, =1.0.1 - @abcaustralia/campaign-health-quiz =1.1.1 - @abear/hnode-tools =0.0.1 and more Source cves: CVE-2020-7743 Source advisory: OSV:GHSA-X2FC-MXCX-W4MF...
@baic/yolk (>=1.0.0-alpha.2 <=1.0.0-alpha.43), @baic/yolk-miniapp (>=1.0.0-alpha.1 <=1.0.0-alpha.43) +4 more potentially affected by CVE-2020-7743 via mathjs (>=7.1.0 <=7.5.0)
mathjs NPM version =7.1.0, =1.0.0-alpha.2, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.3, =2.0.12, =2.2.25 Source cves: CVE-2020-7743 Source advisory: SNYK:JS-MATHJS-1016401...
2d-topopt (=0.1.0), 3net.js (>=0.0.1 <=0.2.4) +2095 more potentially affected by CVE-2017-1001002 via mathjs (>=0.10.0 <=3.16.5)
mathjs NPM version =0.10.0, =0.0.1, =0.0.2, =3.1.3, =2.6.0, =1.0.0, =1.3.0, =2.0.0, =0.1.0, =5.10.2-alpha.1, =5.10.2-alpha.2, =2.0.0, =4.10.2 and more Source cves: CVE-2017-1001002 Source advisory: OSV:GHSA-VX5C-87QX-CV6C...