Required CVE Record Information
Description
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an object.
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.