safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
safer-eval | eq | 1.0.0 | |
safer-eval | eq | 1.2.2 | |
safer-eval | eq | 1.2.1 | |
safer-eval | eq | 1.2.0 | |
safer-eval | eq | 1.3.1 | |
safer-eval | eq | 1.2.3 | |
safer-eval | eq | 1.1.0 | |
safer-eval | eq | 1.0.1 | |
safer-eval | eq | 1.3.0 |