Mathjs · Math.Js · CVE-2017-1001003
**Name of the Vulnerable Software and Affected Versions**
math.js versions prior to 3.17.0
**Description**
The issue allows private properties, such as a constructor, to be replaced by utilizing unicode characters when creating an object.
**Recommendations**
For math.js versions prior to 3.17.0, upgrade to version 3.17.0 or later.