EUVD-2026-25571

Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the expression parser of mathjs. You can be affected when you have an application where users can evaluate arbitrary expressions using the math...

EUVD-2017-0366

Malware in sbrugna...

CVE-2017-1001002

math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution...

Kibana 6.1.1 security update

Kibana arbitrary code execution issue ESA-2017-24 Kibana version 6.1.0 had an arbitrary code execution vulnerability in the Math.js package which is used by math aggregations in Time Series Visual Builder. Kibana users could construct a math aggregation capable of executing arbitrary code on the...

Unspecified Vulnerability in Math.js

Math.js is a math library for JavaScript and Node.js that supports symbolic computation with a large number of built-in functions and constants. A security vulnerability exists in Math.js versions prior to 3.17.0. The vulnerability can be exploited by an attacker to replace private properties whe...