Severity: critical

Arbitrary Code Execution

mathjs

Overview

In math.js before 3.17.0, private properties such as the constructor could be replaced by using Unicode characters when creating an object.
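The class of flaw described above, as an added example that is not mathjs source code: a toy object builder whose deny-list is checked against the raw key token, beside a hardened version that checks the decoded name. It assumes the "unicode characters" are escape sequences in the key; all function names and the sample input are hypothetical.

```javascript
// Added example: a toy object-literal builder, NOT code from mathjs.
// BLOCKED, decodeKey, buildNaive and buildHardened are hypothetical names.
const BLOCKED = new Set(['constructor', '__proto__', 'prototype']);

// Decode a double-quoted key token as a parser would, resolving \uXXXX escapes.
function decodeKey(rawToken) {
  return JSON.parse(rawToken);
}

// Flawed: the deny-list is compared against the raw source token (quotes
// stripped), so an escaped spelling of a blocked name passes the check and
// is only decoded afterwards.
function buildNaive(entries) {
  const obj = {};
  for (const [rawToken, value] of entries) {
    if (BLOCKED.has(rawToken.slice(1, -1))) throw new Error('blocked key');
    obj[decodeKey(rawToken)] = value;
  }
  return obj;
}

// Hardened: decode first, check the decoded name, and store into a
// prototype-less object so no inherited property can be shadowed.
function buildHardened(entries) {
  const obj = Object.create(null);
  for (const [rawToken, value] of entries) {
    const key = decodeKey(rawToken);
    if (BLOCKED.has(key)) throw new Error('blocked key: ' + key);
    obj[key] = value;
  }
  return obj;
}

// Constructed input: the first key spells "constructor" with one escaped letter.
const sample = [['"\\u0063onstructor"', 'replaced'], ['"a"', 1]];

function naiveReplacesConstructor() {
  return buildNaive(sample).constructor === 'replaced';
}

function hardenedRejects() {
  try { buildHardened(sample); return false; } catch (e) { return true; }
}

console.log(naiveReplacesConstructor(), hardenedRejects());
```

The point for code review is ordering: any name-based restriction has to run on the decoded property name, after all escape processing, not on the text as written.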

Remediation

Upgrade to version 3.17.0 or later.

Advisory timeline

  1. published: Advisory published, Dec 6th, 2017
  2. reported: Dec 6th, 2017