Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Safer-eval Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10759 1 Safer-eval Project 1 Safer-eval 2021-07-21 6.5 MEDIUM 9.9 CRITICAL
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CVE-2019-10760 1 Safer-eval Project 1 Safer-eval 2021-07-21 6.5 MEDIUM 9.9 CRITICAL
safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CVE-2019-10769 1 Safer-eval Project 1 Safer-eval 2021-07-21 7.5 HIGH 9.8 CRITICAL
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.