The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing arbitrary code execution.
CPE | Name | Operator | Version |
---|---|---|---|
static-eval | eq | 0.2.1 | |
static-eval | eq | 0.2.2 | |
static-eval | eq | 1.0.0 | |
static-eval | eq | 0.1.0 | |
static-eval | eq | 1.1.0 | |
static-eval | eq | 1.1.1 | |
static-eval | eq | 0.2.3 | |
static-eval | eq | 0.1.1 | |
static-eval | eq | 0.0.0 | |
static-eval | eq | 0.2.0 |