Browse all 3 CVE security advisories affecting josdejong. AI-powered Chinese analysis, POCs, and references for each vulnerability.
josdejong develops JavaScript libraries for data manipulation and visualization, with a core use case enabling interactive web applications. Historically, vulnerabilities have included cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from improper input validation or insecure deserialization. Notable characteristics include regular security updates and a responsive disclosure process, though three CVEs on record highlight persistent risks in data parsing functions. The project maintains transparent reporting practices, with incidents typically resolved within weeks of disclosure. Security remains a priority, with ongoing efforts to sanitize inputs and implement stricter parsing mechanisms to prevent exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-41139 | Unsafe array index getter in mathjs — mathjsCWE-915 | 6.1 | - | 2026-05-07 |
| CVE-2026-40897 | Math.js: Unsafe object property setter in mathjs — mathjsCWE-915 | 8.8 | High | 2026-04-24 |
| CVE-2021-3822 | Inefficient Regular Expression Complexity in josdejong/jsoneditor — josdejong/jsoneditorCWE-1333 | 7.5 | - | 2021-09-27 |
This page lists every published CVE security advisory associated with josdejong. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.