Advisories for Npm/Mathjs package

The mathjs package is vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.

mathjs has an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.

math.js has an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could result arbitrary execution.