Description
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Custom Fields PRO Arbitrary File Upload (5.12.2)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-7827)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (7.1.12)
WordPress Plugin Car Rental by BestWebSoft Cross-Site Scripting (1.0.4)
ownCloud Improper Authentication Vulnerability (CVE-2012-4392)