Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
safe-eval vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26121
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Safe-eval Project Safe-eval
1 Github repository
NA
CVE-2023-26122
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation. Exploiting this vulnerability might result in remote code execution ("RCE"). **Vulnerable funct...
Safe-eval Project Safe-eval
1 Github repository
NA
CVE-2022-25904
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an malicious user to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an malicious user to mod...
Safe-eval Project Safe-eval
668
VMScore
CVE-2020-7710
This affects all versions of package safe-eval. It is possible for an malicious user to run an arbitrary command on the host machine.
Safe-eval Project Safe-eval
891
VMScore
CVE-2017-16088
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Safe-eval Project Safe-eval 0.3.0
Safe-eval Project Safe-eval 0.0.0
Safe-eval Project Safe-eval 0.2.0
Safe-eval Project Safe-eval 0.1.0
2 Github repositories
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started