Safe-eval Project Safe-eval — known CVE vulnerabilities
Every CVE whose affected-product data names Safe-eval Project Safe-eval, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2017-16088 — CVSS 10.0 (critical): The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access…
CVE-2023-26122 — CVSS 8.8 (high): All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived…
CVE-2020-7710 — CVSS 8.1 (high): This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
CVE-2022-25904 — CVSS 7.5 (high): All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the…
CVE-2023-26121 — CVSS 7.5 (high): All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its…