RSS   Podatności dla 'Safer-eval'   RSS

2019-12-06
 
CVE-2019-10769

CWE-20
 

 
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError.

 
2019-10-15
 
CVE-2019-10760

CWE-94
 

 
safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.

 
 
CVE-2019-10759

CWE-94
 

 
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.

 


Copyright 2024, cxsecurity.com

 

Back to Top