org.webjars.bower:mathjs@3.11.5 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.webjars.bower:mathjs package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Prototype Pollution Affected versions of this package are vulnerable to Prototype Pollution via the `deepExtend function` that runs upon configuration updates. How to fix Prototype Pollution? There is no fixed version for `org.webjars.bower:mathjs`.	[0,)
M Arbitrary Code Execution `mathjs` is an extensive math library for JavaScript and Node.js. Affected versions of the package are vulnerable to Arbitrary Code Execution. The `isSafeMethod` was able to call other methods (like bind) which is not allowed and could cause code execution on the remote server. How to fix Arbitrary Code Execution? Upgrade `mathjs` to version 3.13.3 or higher.	[,3.13.3)
H Arbitrary Code Execution `mathjs` is an extensive math library for JavaScript and Node.js Affected versions of the package are vulnerable to Arbitrary Code Execution via `typed-function`. A malicious user could possibly execute arbitrary code in the JavaScript engine, by creating a typed function with JavaScript code in the name. How to fix Arbitrary Code Execution? Upgrade `mathjs` to version 3.17.0 or higher.	[,3.17.0)
C Arbitrary Code Execution `mathjs` is an extensive math library for JavaScript and Node.js Affected versions of the package are vulnerable to Arbitrary Code Execution. Forbidden properties like constructor could be replaced by using unicode characters when creating an object. How to fix Arbitrary Code Execution? Upgrade `mathjs` to version 3.17.0 or higher.	[,3.17.0)