Lucene search
GoogleOSV:CVE-2017-16226HistoryJun 07, 2018 - 2:29 a.m.
CVE-2017-16226
2018-06-0702:29:07
Google
osv.dev
3
The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing arbitrary code execution.
| CPE | Name | Operator | Version |
|---|---|---|---|
| static-eval | eq | 0.2.1 | |
| static-eval | eq | 0.2.2 | |
| static-eval | eq | 1.0.0 | |
| static-eval | eq | 0.1.0 | |
| static-eval | eq | 1.1.0 | |
| static-eval | eq | 1.1.1 | |
| static-eval | eq | 0.2.3 | |
| static-eval | eq | 0.1.1 | |
| static-eval | eq | 0.0.0 | |
| static-eval | eq | 0.2.0 |
Related
cvelist
cvelist
CVE-2017-16226
2018-04-26 00:00:00
nodejs
nodejs
Sandbox Breakout / Arbitrary Code Execution
2017-10-17 23:19:54
github
github
Sandbox Breakout / Arbitrary Code Execution in static-eval
2018-08-06 21:37:06
prion
prion
Code injection
2018-06-07 02:29:00
cve
cve
CVE-2017-16226
2018-06-07 02:29:07
veracode
veracode
Arbitrary Code Execution
2018-05-31 03:12:15
nvd
nvd
CVE-2017-16226
2018-06-07 02:29:07
osv
osv
Sandbox Breakout / Arbitrary Code Execution in static-eval
2018-08-06 21:37:06