Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for safe-eval by safe-eval_project
CVE-2023-26122 (GCVE-0-2023-26122)
Vulnerability from cvelistv5 – Published: 2023-04-11 05:00 – Updated: 2025-02-07 16:56
VLAI
Summary
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.
Exploiting this vulnerability might result in remote code execution ("RCE").
**Vulnerable functions:**
__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
8 references
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26122",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:56:24.542670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:56:45.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.\rExploiting this vulnerability might result in remote code execution (\"RCE\").\r\r**Vulnerable functions:**\r\r__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf()."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-265",
"description": "Sandbox Bypass",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:02.658Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26122",
"datePublished": "2023-04-11T05:00:02.658Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-07T16:56:45.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26121 (GCVE-0-2023-26121)
Vulnerability from cvelistv5 – Published: 2023-04-11 05:00 – Updated: 2025-02-10 15:16
VLAI
Summary
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26121",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:16:22.240449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:16:54.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "Prototype Pollution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:01.308Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26121",
"datePublished": "2023-04-11T05:00:01.308Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-10T15:16:54.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25904 (GCVE-0-2022-25904)
Vulnerability from cvelistv5 – Published: 2022-12-21 01:21 – Updated: 2025-04-16 14:42
VLAI
Title
Prototype Pollution
Summary
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Prototype Pollution
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Assigner
References
Impacted products
Date Public
2022-12-20 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:41:46.672157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:42:09.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yuhan Gao"
}
],
"datePublic": "2022-12-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Prototype Pollution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-20T00:00:00.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "Prototype Pollution"
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25904",
"datePublished": "2022-12-21T01:21:43.830Z",
"dateReserved": "2022-02-24T00:00:00.000Z",
"dateUpdated": "2025-04-16T14:42:09.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7710 (GCVE-0-2020-7710)
Vulnerability from cvelistv5 – Published: 2020-08-21 09:15 – Updated: 2024-09-16 19:26
VLAI
Title
Sandbox Escape
Summary
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Severity
CWE
- Sandbox Escape
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076 | x_refsource_MISC |
| https://github.com/hacksparrow/safe-eval/issues/19 | x_refsource_MISC |
Impacted products
Date Public
2020-08-21 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anirudh Anand"
}
],
"datePublic": "2020-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sandbox Escape",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T09:15:13.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "Sandbox Escape",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2020-08-21T09:14:22.742905Z",
"ID": "CVE-2020-7710",
"STATE": "PUBLIC",
"TITLE": "Sandbox Escape"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Anirudh Anand"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Escape"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/19",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7710",
"datePublished": "2020-08-21T09:15:13.975Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:26:06.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16088 (GCVE-0-2017-16088)
Vulnerability from cvelistv5 – Published: 2018-06-07 02:00 – Updated: 2024-09-16 16:13
VLAI
Summary
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Severity
No CVSS data available.
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere (CWE-610)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/patriksimek/vm2/issues/59 | x_refsource_MISC |
| https://github.com/hacksparrow/safe-eval/issues/5 | x_refsource_MISC |
| https://nodesecurity.io/advisories/337 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HackerOne | safe-eval node module |
Affected:
All versions
|
Date Public
2018-04-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2018-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/patriksimek/vm2/issues/59",
"refsource": "MISC",
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/5",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"name": "https://nodesecurity.io/advisories/337",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/337"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16088",
"datePublished": "2018-06-07T02:00:00.000Z",
"dateReserved": "2017-10-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:13:38.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26122 (GCVE-0-2023-26122)
Vulnerability from nvd – Published: 2023-04-11 05:00 – Updated: 2025-02-07 16:56
VLAI
Summary
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.
Exploiting this vulnerability might result in remote code execution ("RCE").
**Vulnerable functions:**
__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
Severity
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
References
8 references
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26122",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:56:24.542670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:56:45.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.\rExploiting this vulnerability might result in remote code execution (\"RCE\").\r\r**Vulnerable functions:**\r\r__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf()."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-265",
"description": "Sandbox Bypass",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:02.658Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26122",
"datePublished": "2023-04-11T05:00:02.658Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-07T16:56:45.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26121 (GCVE-0-2023-26121)
Vulnerability from nvd – Published: 2023-04-11 05:00 – Updated: 2025-02-10 15:16
VLAI
Summary
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26121",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:16:22.240449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:16:54.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "Prototype Pollution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:01.308Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26121",
"datePublished": "2023-04-11T05:00:01.308Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-10T15:16:54.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25904 (GCVE-0-2022-25904)
Vulnerability from nvd – Published: 2022-12-21 01:21 – Updated: 2025-04-16 14:42
VLAI
Title
Prototype Pollution
Summary
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.
Severity
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- Prototype Pollution
- CWE-1321 - Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Assigner
References
Impacted products
Date Public
2022-12-20 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:41:46.672157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:42:09.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yuhan Gao"
}
],
"datePublic": "2022-12-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Prototype Pollution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-20T00:00:00.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "Prototype Pollution"
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25904",
"datePublished": "2022-12-21T01:21:43.830Z",
"dateReserved": "2022-02-24T00:00:00.000Z",
"dateUpdated": "2025-04-16T14:42:09.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7710 (GCVE-0-2020-7710)
Vulnerability from nvd – Published: 2020-08-21 09:15 – Updated: 2024-09-16 19:26
VLAI
Title
Sandbox Escape
Summary
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Severity
CWE
- Sandbox Escape
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076 | x_refsource_MISC |
| https://github.com/hacksparrow/safe-eval/issues/19 | x_refsource_MISC |
Impacted products
Date Public
2020-08-21 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anirudh Anand"
}
],
"datePublic": "2020-08-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sandbox Escape",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T09:15:13.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "Sandbox Escape",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2020-08-21T09:14:22.742905Z",
"ID": "CVE-2020-7710",
"STATE": "PUBLIC",
"TITLE": "Sandbox Escape"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Anirudh Anand"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Escape"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/19",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7710",
"datePublished": "2020-08-21T09:15:13.975Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:26:06.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16088 (GCVE-0-2017-16088)
Vulnerability from nvd – Published: 2018-06-07 02:00 – Updated: 2024-09-16 16:13
VLAI
Summary
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Severity
No CVSS data available.
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere (CWE-610)
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/patriksimek/vm2/issues/59 | x_refsource_MISC |
| https://github.com/hacksparrow/safe-eval/issues/5 | x_refsource_MISC |
| https://nodesecurity.io/advisories/337 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| HackerOne | safe-eval node module |
Affected:
All versions
|
Date Public
2018-04-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2018-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/patriksimek/vm2/issues/59",
"refsource": "MISC",
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/5",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"name": "https://nodesecurity.io/advisories/337",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/337"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16088",
"datePublished": "2018-06-07T02:00:00.000Z",
"dateReserved": "2017-10-29T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:13:38.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}