safer-eval (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package safer-eval, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2019-10759 — CVSS 9.9 (critical): safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and…
CVE-2019-10760 — CVSS 9.9 (critical): safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and…
CVE-2019-10769 — CVSS 9.8 (critical): safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are…