Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2020-7743
The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.