Search criteria
15 vulnerabilities found for safe-eval by safe-eval_project
FKIE_CVE-2023-26121
Vulnerability from fkie_nvd - Published: 2023-04-11 05:15 - Updated: 2025-02-10 16:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
References
| URL | Tags | ||
|---|---|---|---|
| report@snyk.io | https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9 | Exploit, Third Party Advisory | |
| report@snyk.io | https://github.com/hacksparrow/safe-eval/issues/28 | Exploit, Issue Tracking, Third Party Advisory | |
| report@snyk.io | https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/hacksparrow/safe-eval/issues/28 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| safe-eval_project | safe-eval | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "CD03CFC7-7F8B-4C4F-AAC0-F3924E4EAB65",
"versionEndIncluding": "0.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content."
}
],
"id": "CVE-2023-26121",
"lastModified": "2025-02-10T16:15:33.273",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "report@snyk.io",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T05:15:07.127",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "report@snyk.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2023-26122
Vulnerability from fkie_nvd - Published: 2023-04-11 05:15 - Updated: 2025-02-07 17:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.
Exploiting this vulnerability might result in remote code execution ("RCE").
**Vulnerable functions:**
__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| safe-eval_project | safe-eval | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "CD03CFC7-7F8B-4C4F-AAC0-F3924E4EAB65",
"versionEndIncluding": "0.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.\rExploiting this vulnerability might result in remote code execution (\"RCE\").\r\r**Vulnerable functions:**\r\r__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf()."
}
],
"id": "CVE-2023-26122",
"lastModified": "2025-02-07T17:15:25.093",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "report@snyk.io",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-11T05:15:07.180",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-265"
}
],
"source": "report@snyk.io",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-25904
Vulnerability from fkie_nvd - Published: 2022-12-20 05:15 - Updated: 2025-04-16 15:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.
References
| URL | Tags | ||
|---|---|---|---|
| report@snyk.io | https://github.com/hacksparrow/safe-eval/issues/26 | Exploit, Issue Tracking, Third Party Advisory | |
| report@snyk.io | https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/hacksparrow/safe-eval/issues/26 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701 | Exploit, Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| safe-eval_project | safe-eval | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "CD03CFC7-7F8B-4C4F-AAC0-F3924E4EAB65",
"versionEndIncluding": "0.4.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
},
{
"lang": "es",
"value": "Todas las versiones del paquete safe-eval son vulnerables a Prototype Pollution, que permite a un atacante agregar o modificar propiedades de Object.prototype.Consolidate cuando usa la funci\u00f3n safeEval. Esto se debe a que la funci\u00f3n usa la variable vm, lo que lleva a un atacante a modificar las propiedades del Object.prototype."
}
],
"id": "CVE-2022-25904",
"lastModified": "2025-04-16T15:15:50.550",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "report@snyk.io",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-12-20T05:15:11.487",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
},
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2020-7710
Vulnerability from fkie_nvd - Published: 2020-08-21 10:15 - Updated: 2024-11-21 05:37
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
References
| URL | Tags | ||
|---|---|---|---|
| report@snyk.io | https://github.com/hacksparrow/safe-eval/issues/19 | Exploit, Third Party Advisory | |
| report@snyk.io | https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/hacksparrow/safe-eval/issues/19 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| safe-eval_project | safe-eval | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:*:*:*:*:*:node.js:*:*",
"matchCriteriaId": "40E74BFD-022E-4056-878F-0FA8BA26FDAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
},
{
"lang": "es",
"value": "Esto afecta a todas las versiones del paquete safe-eval. Es posible que un atacante ejecute un comando arbitrario en la m\u00e1quina host."
}
],
"id": "CVE-2020-7710",
"lastModified": "2024-11-21T05:37:39.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "report@snyk.io",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-08-21T10:15:11.460",
"references": [
{
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
},
{
"source": "report@snyk.io",
"tags": [
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
}
],
"sourceIdentifier": "report@snyk.io",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-16088
Vulnerability from fkie_nvd - Published: 2018-06-07 02:29 - Updated: 2024-11-21 03:15
Severity ?
Summary
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
References
| URL | Tags | ||
|---|---|---|---|
| support@hackerone.com | https://github.com/hacksparrow/safe-eval/issues/5 | Third Party Advisory | |
| support@hackerone.com | https://github.com/patriksimek/vm2/issues/59 | Third Party Advisory | |
| support@hackerone.com | https://nodesecurity.io/advisories/337 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/hacksparrow/safe-eval/issues/5 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/patriksimek/vm2/issues/59 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://nodesecurity.io/advisories/337 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| safe-eval_project | safe-eval | 0.0.0 | |
| safe-eval_project | safe-eval | 0.1.0 | |
| safe-eval_project | safe-eval | 0.2.0 | |
| safe-eval_project | safe-eval | 0.3.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:0.0.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "4D79B731-E0EB-45EE-AAE5-67DF7A6C7FAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:0.1.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "5C15792D-0910-4081-8862-70FFF06200AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:0.2.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "1F446425-972B-4721-A9C5-343B4D0F1935",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:safe-eval_project:safe-eval:0.3.0:*:*:*:*:node.js:*:*",
"matchCriteriaId": "6484CD1E-EE5E-4CEB-AC87-CD05D6FE08F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
},
{
"lang": "es",
"value": "El m\u00f3dulo safe-eval se describe como una versi\u00f3n m\u00e1s segura de eval. Mediante el acceso a los constructores de objeto, las entradas de usuario no saneadas pueden acceder a la totalidad de la biblioteca est\u00e1ndar y salir del sandbox."
}
],
"id": "CVE-2017-16088",
"lastModified": "2024-11-21T03:15:47.833",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-06-07T02:29:01.643",
"references": [
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
],
"url": "https://nodesecurity.io/advisories/337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-610"
}
],
"source": "support@hackerone.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2023-26122 (GCVE-0-2023-26122)
Vulnerability from cvelistv5 – Published: 2023-04-11 05:00 – Updated: 2025-02-07 16:56
VLAI?
Summary
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.
Exploiting this vulnerability might result in remote code execution ("RCE").
**Vulnerable functions:**
__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
Severity ?
CWE
- CWE-265 - Sandbox Bypass
Assigner
References
Credits
seongil-wi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26122",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:56:24.542670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:56:45.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.\rExploiting this vulnerability might result in remote code execution (\"RCE\").\r\r**Vulnerable functions:**\r\r__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf()."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-265",
"description": "Sandbox Bypass",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:02.658Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26122",
"datePublished": "2023-04-11T05:00:02.658Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-07T16:56:45.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26121 (GCVE-0-2023-26121)
Vulnerability from cvelistv5 – Published: 2023-04-11 05:00 – Updated: 2025-02-10 15:16
VLAI?
Summary
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Severity ?
CWE
- CWE-1321 - Prototype Pollution
Assigner
References
Credits
seongil-wi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26121",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:16:22.240449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:16:54.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "Prototype Pollution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:01.308Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26121",
"datePublished": "2023-04-11T05:00:01.308Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-10T15:16:54.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25904 (GCVE-0-2022-25904)
Vulnerability from cvelistv5 – Published: 2022-12-21 01:21 – Updated: 2025-04-16 14:42
VLAI?
Summary
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.
Severity ?
CWE
- Prototype Pollution
Assigner
References
Credits
Yuhan Gao
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:41:46.672157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:42:09.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yuhan Gao"
}
],
"datePublic": "2022-12-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Prototype Pollution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-20T00:00:00.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "Prototype Pollution"
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25904",
"datePublished": "2022-12-21T01:21:43.830Z",
"dateReserved": "2022-02-24T00:00:00.000Z",
"dateUpdated": "2025-04-16T14:42:09.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7710 (GCVE-0-2020-7710)
Vulnerability from cvelistv5 – Published: 2020-08-21 09:15 – Updated: 2024-09-16 19:26
VLAI?
Summary
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Severity ?
CWE
- Sandbox Escape
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
Anirudh Anand
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anirudh Anand"
}
],
"datePublic": "2020-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sandbox Escape",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T09:15:13",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "Sandbox Escape",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2020-08-21T09:14:22.742905Z",
"ID": "CVE-2020-7710",
"STATE": "PUBLIC",
"TITLE": "Sandbox Escape"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Anirudh Anand"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Escape"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/19",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7710",
"datePublished": "2020-08-21T09:15:13.975137Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T19:26:06.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16088 (GCVE-0-2017-16088)
Vulnerability from cvelistv5 – Published: 2018-06-07 02:00 – Updated: 2024-09-16 16:13
VLAI?
Summary
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Severity ?
No CVSS data available.
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere (CWE-610)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HackerOne | safe-eval node module |
Affected:
All versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2018-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/patriksimek/vm2/issues/59",
"refsource": "MISC",
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/5",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"name": "https://nodesecurity.io/advisories/337",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/337"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16088",
"datePublished": "2018-06-07T02:00:00Z",
"dateReserved": "2017-10-29T00:00:00",
"dateUpdated": "2024-09-16T16:13:38.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26122 (GCVE-0-2023-26122)
Vulnerability from nvd – Published: 2023-04-11 05:00 – Updated: 2025-02-07 16:56
VLAI?
Summary
All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.
Exploiting this vulnerability might result in remote code execution ("RCE").
**Vulnerable functions:**
__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf().
Severity ?
CWE
- CWE-265 - Sandbox Bypass
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Credits
seongil-wi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26122",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T16:56:24.542670Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:56:45.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Sandbox Bypass due to improper input sanitization. The vulnerability is derived from prototype pollution exploitation.\rExploiting this vulnerability might result in remote code execution (\"RCE\").\r\r**Vulnerable functions:**\r\r__defineGetter__, stack(), toLocaleString(), propertyIsEnumerable.call(), valueOf()."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-265",
"description": "Sandbox Bypass",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:02.658Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373064"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/27"
},
{
"url": "https://gist.github.com/seongil-wi/2db6cb884e10137a93132b7f74879cce"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/31"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/32"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/33"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/34"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/35"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26122",
"datePublished": "2023-04-11T05:00:02.658Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-07T16:56:45.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26121 (GCVE-0-2023-26121)
Vulnerability from nvd – Published: 2023-04-11 05:00 – Updated: 2025-02-10 15:16
VLAI?
Summary
All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content.
Severity ?
CWE
- CWE-1321 - Prototype Pollution
Assigner
References
Credits
seongil-wi
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"tags": [
"x_transferred"
],
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26121",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-10T15:16:22.240449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-10T15:16:54.743Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "*",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "seongil-wi"
}
],
"descriptions": [
{
"lang": "en",
"value": "All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "Prototype Pollution",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-11T05:00:01.308Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3373062"
},
{
"url": "https://gist.github.com/seongil-wi/9d9fc0cc5b7b130419cd45827e59c4f9"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/28"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2023-26121",
"datePublished": "2023-04-11T05:00:01.308Z",
"dateReserved": "2023-02-20T10:28:48.923Z",
"dateUpdated": "2025-02-10T15:16:54.743Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25904 (GCVE-0-2022-25904)
Vulnerability from nvd – Published: 2022-12-21 01:21 – Updated: 2025-04-16 14:42
VLAI?
Summary
All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype.
Severity ?
CWE
- Prototype Pollution
Assigner
References
Credits
Yuhan Gao
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:49:44.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-25904",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-16T14:41:46.672157Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1321",
"description": "CWE-1321 Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-16T14:42:09.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yuhan Gao"
}
],
"datePublic": "2022-12-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the Object.prototype."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.1,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Prototype Pollution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-20T00:00:00.000Z",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"url": "https://security.snyk.io/vuln/SNYK-JS-SAFEEVAL-3175701"
},
{
"url": "https://github.com/hacksparrow/safe-eval/issues/26"
}
],
"title": "Prototype Pollution"
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2022-25904",
"datePublished": "2022-12-21T01:21:43.830Z",
"dateReserved": "2022-02-24T00:00:00.000Z",
"dateUpdated": "2025-04-16T14:42:09.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7710 (GCVE-0-2020-7710)
Vulnerability from nvd – Published: 2020-08-21 09:15 – Updated: 2024-09-16 19:26
VLAI?
Summary
This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine.
Severity ?
CWE
- Sandbox Escape
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Credits
Anirudh Anand
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:41:01.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval",
"vendor": "n/a",
"versions": [
{
"lessThan": "unspecified",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Anirudh Anand"
}
],
"datePublic": "2020-08-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "PROOF_OF_CONCEPT",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "UNAVAILABLE",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Sandbox Escape",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-21T09:15:13",
"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"shortName": "snyk"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
],
"title": "Sandbox Escape",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "report@snyk.io",
"DATE_PUBLIC": "2020-08-21T09:14:22.742905Z",
"ID": "CVE-2020-7710",
"STATE": "PUBLIC",
"TITLE": "Sandbox Escape"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval",
"version": {
"version_data": [
{
"version_affected": "\u003e=",
"version_value": "0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Anirudh Anand"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "This affects all versions of package safe-eval. It is possible for an attacker to run an arbitrary command on the host machine."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Sandbox Escape"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076",
"refsource": "MISC",
"url": "https://snyk.io/vuln/SNYK-JS-SAFEEVAL-608076"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/19",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/19"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730",
"assignerShortName": "snyk",
"cveId": "CVE-2020-7710",
"datePublished": "2020-08-21T09:15:13.975137Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T19:26:06.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-16088 (GCVE-0-2017-16088)
Vulnerability from nvd – Published: 2018-06-07 02:00 – Updated: 2024-09-16 16:13
VLAI?
Summary
The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Severity ?
No CVSS data available.
CWE
- CWE-610 - Externally Controlled Reference to a Resource in Another Sphere (CWE-610)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| HackerOne | safe-eval node module |
Affected:
All versions
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T20:13:07.169Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "safe-eval node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2018-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-610",
"description": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-06-07T01:57:01",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://nodesecurity.io/advisories/337"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"DATE_PUBLIC": "2018-04-26T00:00:00",
"ID": "CVE-2017-16088",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "safe-eval node module",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "HackerOne"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/patriksimek/vm2/issues/59",
"refsource": "MISC",
"url": "https://github.com/patriksimek/vm2/issues/59"
},
{
"name": "https://github.com/hacksparrow/safe-eval/issues/5",
"refsource": "MISC",
"url": "https://github.com/hacksparrow/safe-eval/issues/5"
},
{
"name": "https://nodesecurity.io/advisories/337",
"refsource": "MISC",
"url": "https://nodesecurity.io/advisories/337"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2017-16088",
"datePublished": "2018-06-07T02:00:00Z",
"dateReserved": "2017-10-29T00:00:00",
"dateUpdated": "2024-09-16T16:13:38.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}