Lucene search

Withdrawn: Arbitrary Code Execution in static-eval

🗓️ 06 May 2021 16:25:11Reported by GitHub Advisory DatabaseType

Arbitrary Code Execution in static-eval, versions vulnerable to FunctionExpressions and TemplateLiteral

Reporter	Title	Published	Views	Family All 6
Veracode	Arbitrary Code Execution	15 Feb 201902:43	–	veracode
CVE	CVE-2021-23334	11 Feb 202112:15	–	cve
NVD	CVE-2021-23334	11 Feb 202112:15	–	nvd
Cvelist	CVE-2021-23334	11 Feb 202111:25	–	cvelist
IBM Security Bulletins	Security Bulletin: A security vulnerability in Node.js lodash module affects IBM Cloud Pak for Multicloud Management Managed Service	19 May 202117:14	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson OpenScale on Cloud Pak for Data is impacted by Vulnerabilities in Node.js	16 Apr 202114:32	–	ibm

Vulners

Node

static\-eval_project static\-evalRange≤2.1.0

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-23334
github	www.github.com/browserify/static-eval/blob/master/index.js%23L180
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1071860
snyk	www.snyk.io/vuln/SNYK-JS-STATICEVAL-1056765
github	www.github.com/advisories/GHSA-8v27-2fg9-7h62

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 May 2021 16:11Current

5Medium risk

Vulners AI Score5

EPSS0.00241

CWE-94