Description
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Remediation
References
https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9
https://github.com/hacksparrow/safe-eval/issues/28
https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062
Related Vulnerabilities
CVE-2021-21277 Vulnerability in npm package angular-expressions
CVE-2021-27515 Vulnerability in npm package url-parse
CVE-2017-1000219 Vulnerability in npm package windows-cpu
CVE-2021-32809 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4
CVE-2021-27644 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-server