← Back

Safer Eval Project

safer-eval_project

3 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Safer Eval
safer-eval
3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-10769
1Safer Eval Project
1Safer Eval
Nov 21, 2024
Dec 6, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.
CVE-2019-10760
1Safer Eval Project
1Safer Eval
Nov 21, 2024
Oct 15, 2019
N/A· v4
9.9 CRITICAL· v3
6.5 MEDIUM· v2
safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CVE-2019-10759
1Safer Eval Project
1Safer Eval
Nov 21, 2024
Oct 15, 2019
N/A· v4
9.9 CRITICAL· v3
6.5 MEDIUM· v2
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.