Description
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SAFEREVAL-173772
Related Vulnerabilities
CVE-2020-15130 Vulnerability in npm package slpjs
CVE-2020-15123 Vulnerability in npm package codecov
CVE-2022-39386 Vulnerability in npm package fastify-websocket
CVE-2022-25645 Vulnerability in maven package org.webjars.npm:dset
CVE-2021-32623 Vulnerability in maven package org.opencastproject:opencast-kernel