Description
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Remediation
References
https://github.com/hacksparrow/safe-eval/issues/19
https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076
Related Vulnerabilities
CVE-2021-23362 Vulnerability in maven package org.webjars.npm:hosted-git-info
CVE-2020-11994 Vulnerability in maven package org.apache.camel:camel-robotframework
CVE-2022-28366 Vulnerability in maven package org.codelibs:nekohtml
CVE-2020-7780 Vulnerability in maven package com.softwaremill.akka-http-session:core_2.13
CVE-2023-34660 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent