CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Safer Eval Project 1Safer Eval Nov 21, 2024 Dec 6, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError. |
1Safer Eval Project 1Safer Eval Nov 21, 2024 Oct 15, 2019 N/A· v4 9.9 CRITICAL· v3 6.5 MEDIUM· v2 safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. |
1Safer Eval Project 1Safer Eval Nov 21, 2024 Oct 15, 2019 N/A· v4 9.9 CRITICAL· v3 6.5 MEDIUM· v2 safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. |