Critical severity9.8NVD Advisory· Published Nov 27, 2017· Updated Jun 17, 2026
CVE-2017-1001002
CVE-2017-1001002
Description
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mathjsnpm | < 3.17.0 | 3.17.0 |
Affected products
3- math.js/math.jsv5Range: 3.17.0
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.