CVE-2017-1001002: Arbitrary Code Execution in mathjs
9.8
CVSS Score
3.0
Basic Information
CVE ID
GHSA ID
EPSS Score
0.7651%
CWE
Published
12/18/2017
Updated
1/9/2023
KEV Status
No
Technology
JavaScript
Technical Details
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
mathjs | npm | < 3.17.0 | 3.17.0 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper validation()
of function names in typed-function creation. The commit diff shows a critical check was added to ensure function names are SymbolNodes
(type.isSymbolNode(node.fn)
), preventing code in function names. The security test added in security.test.js
demonstrates exploitation via function names containing executable JS code. The parse.js
modification in function assignment handling directly addresses this vector.