Description
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.
Remediation
References
Related Vulnerabilities
WordPress Plugin Duplicate Page and Post SQL Injection (2.5.6)
WordPress Plugin Social Share Icons & Social Share Buttons Cross-Site Scripting (3.0.5)
WordPress Plugin Fixedly Media Gallery Cross-Site Scripting (1.3.1)
MySQL CVE-2013-5807 Vulnerability (CVE-2013-5807)
Magento Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-7892)