Description
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SAFEREVAL-173772
Related Vulnerabilities
CVE-2021-21293 Vulnerability in maven package org.http4s:blaze-core_2.13
CVE-2018-13863 Vulnerability in npm package bson
CVE-2018-3750 Vulnerability in maven package org.webjars.npm:deep-extend
CVE-2021-34080 Vulnerability in npm package ssl-utils
CVE-2023-25766 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials