Vulnerabilities (CVE)

Filtered by vendor Safer-eval Project Subscribe
Filtered by product Safer-eval
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10759 1 Safer-eval Project 1 Safer-eval 2024-02-04 6.5 MEDIUM 9.9 CRITICAL
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CVE-2019-10760 1 Safer-eval Project 1 Safer-eval 2024-02-04 6.5 MEDIUM 9.9 CRITICAL
safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CVE-2019-10769 1 Safer-eval Project 1 Safer-eval 2024-02-04 7.5 HIGH 9.8 CRITICAL
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.