Description
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.
Remediation
References
https://snyk.io/vuln/SNYK-JS-SAFEREVAL-173772
Related Vulnerabilities
CVE-2018-19586 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web
CVE-2022-25869 Vulnerability in maven package org.webjars.npm:angular
CVE-2017-16193 Vulnerability in npm package mfrs
CVE-2020-7753 Vulnerability in maven package org.webjars.npm:trim
CVE-2021-25931 Vulnerability in maven package org.opennms:opennms-webapp