Description
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Remediation
References
https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062
https://github.com/hacksparrow/safe-eval/issues/28
https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9
Related Vulnerabilities
CVE-2022-23812 Vulnerability in npm package node-ipc
CVE-2023-26492 Vulnerability in npm package directus
CVE-2022-25863 Vulnerability in npm package gatsby-plugin-mdx
CVE-2020-26256 Vulnerability in maven package org.webjars.npm:fast-csv
CVE-2022-31172 Vulnerability in npm package @openzeppelin/contracts-upgradeable