10 matches found
CVE-2019-10769
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError...
GHSA-HXMG-HM46-CF62 Remote code execution in mongo-express
mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769...
Remote code execution in mongo-express
mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769...
Remote Code Execution (RCE)
mongodb-query-parser is vulnerable to remote code execution RCE. The vulnerability exists through the use of unsafe version of safer-eval, and context-eval in the older versions. This vulnerability is related to CVE-2019-10769...
CVE-2019-10769
creationtimestamp| type| source ---|---|--- 2021-03-31 00:46:16+00:00| seen| https://t.me/VulnerabilityNews/21161 2024-03-07 22:16:39+00:00| seen| https://t.me/ctinow/202825 2026-06-24 14:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mp25bonoel2y...
Design/Logic Flaw
mongo-express before 1.0.0 offers support for certain advanced syntax but implements this in an unsafe way. NOTE: this may overlap CVE-2019-10769...
@achil/parcel-bundler (>=1.11.1 <=1.12.34), @acies/core (>=1.2.89 <=1.2.215) +134 more potentially affected by CVE-2019-10769 via safer-eval (>=1.2.3 <=1.3.6)
safer-eval NPM version =1.2.3, =1.11.1, =1.2.89, =0.1.0, =4.0.0, =4.1.0, =4.1.2, =0.9.2-pre.41, =2.0.2, =1.0.0, =1.9.3, =0.3.0, =1.12.3, =1.0.0, =0.0.1, =3.4.4 and more Source cves: CVE-2019-10769 Source advisory: OSV:GHSA-V63X-XC9J-HHVQ...
CVE-2019-10769
safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError...
CVE-2019-10769
The provided data indicates CVE-2019-10769 affects the npm package safer-eval, which sandboxed evaluation uses the eval function. The vulnerability is described as Arbitrary Code Execution via generating a RangeError, with a detailed PoC published in the Huntr entry for safer-eval (1-NPM-SAFER-EV...
@achil/parcel-bundler (>=1.11.1 <=1.12.34), @acies/core (>=1.2.89 <=1.2.215) +134 more potentially affected by CVE-2019-10769 via safer-eval (>=1.2.3 <=1.3.6)
safer-eval NPM version =1.2.3, =1.11.1, =1.2.89, =0.1.0, =4.0.0, =4.1.0, =4.1.2, =0.9.2-pre.41, =2.0.2, =1.0.0, =1.9.3, =0.3.0, =1.12.3, =1.0.0, =0.0.1, =3.4.4 and more Source cves: CVE-2019-10769 Source advisory: SNYK:JS-SAFEREVAL-534901...