Description
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Remediation
References
https://github.com/hacksparrow/safe-eval/issues/19
https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076
Related Vulnerabilities
CVE-2022-43402 Vulnerability in maven package org.jenkins-ci.plugins.workflow:workflow-cps
CVE-2017-16139 Vulnerability in npm package jikes
CVE-2020-7755 Vulnerability in npm package dat.gui
CVE-2020-24855 Vulnerability in npm package @easy-team/easywebpack-cli
CVE-2022-24728 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4