
100 matches found

Snyk
added 2026/04/10 10:10 p.m., 3 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview mathjs is a math library for JavaScript and Node.js. It features a flexible expression parser with support for symbolic computation, comes with a large set of built-in functions and constants, and offers an integrated solution to work with diff. Affected versions of this package are...

CVSS 8.8, AI score 6
Exploits 0, References 3
Snyk
added 2026/04/10 10:10 p.m., 2 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the expression parser. An attacker can execute arbitrary JavaScript code by sending malicious expressions for evaluation. Remediation There is no fixed...

CVSS 8.8, AI score 6
Exploits 0, References 3
RedhatCVE
added 2025/11/06 1:7 a.m., 4 views

CVE-2025-12735

A vulnerability was discovered in the expr-eval npm package, a JavaScript library used to parse and evaluate mathematical expressions. The issue allows an attacker to define arbitrary functions within the context object used by the parser's evaluate method. By providing maliciously crafted input,...

CVSS 9.8, AI score 7.8, EPSS 0.00074
Exploits 0, References 8
OSV
added 2025/11/05 3:30 a.m., 1 view

GHSA-JC85-FPWF-QM7X expr-eval does not restrict functions passed to the evaluate function

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted variables object into the evaluate function and trigger arbitrary...

CVSS 8.6, AI score 7.4, EPSS 0.00074
Exploits 0, References 11
OSV
added 2025/11/05 1:15 a.m., 3 views

CVE-2025-12735

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted context object or use MEMBER of the context object into the evaluat...

CVSS 9.8, AI score 7.9
Exploits 0, References 9
NVD
added 2025/11/05 1:15 a.m., 4 views

CVE-2025-12735

The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted context object or use MEMBER of the context object into the evaluat...

CVSS 9.8, EPSS 0.00074
Exploits 0, References 9
CVE
added 2025/11/05 12:22 a.m., 442 views

CVE-2025-12735

Summary: CVE-2025-12735 affects the expr-eval JavaScript expression parser/evaluator. Insufficient input validation lets an attacker pass a crafted context object or leverage MEMBER of the context in evaluate(), enabling arbitrary code execution. This is a client-side JavaScript library vulnerabi...

CVSS 9.8, AI score 7.9, EPSS 0.00074
Exploits 0, References 9, Affected Software 2
Tenable Nessus
added 2025/11/01 12:0 a.m., 3 views

SUSE SLES15 Security Update : poppler (SUSE-SU-2025:3900-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3900-1 advisory. - CVE-2025-43718: Fixed uncontrolled recursion in the regex-based metadata parser when processing specially crafted PDF files allow...

CVSS 8.6, AI score 5.7, EPSS 0.00028
Exploits 0, References 7
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-0059

Malicious code in bioql PyPI...

CVSS 7.5, AI score 6.8, EPSS 0.03333
Exploits 1, References 12
Tenable Nessus
added 2025/08/19 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2025-29786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it...

CVSS 7.5, AI score 7.1, EPSS 0.00095
Exploits 0, References 3
Amazon
added 2025/05/13 12:0 a.m., 16 views

Important: amazon-cloudwatch-agent

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1, AI score 9.1, EPSS 0.00294
Exploits 0
Amazon
added 2025/05/13 12:0 a.m., 7 views

Important: amazon-cloudwatch-agent

Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...

CVSS 9.1, AI score 8.4, EPSS 0.00294
Exploits 0
Tenable Nessus
added 2025/05/13 12:0 a.m., 11 views

Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2025-2851)

The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300054.1-2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2851 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size...

CVSS 9.1, AI score 7.3, EPSS 0.00294
Exploits 0, References 8
Microsoft CVE
added 2025/03/28 7:0 a.m., 2 views

Memory Exhaustion in Expr Parser with Unrestricted Input

...

CVSS 7.5, AI score 7.2, EPSS 0.00095
Exploits 0
OSV
added 2025/03/17 9:26 p.m., 7 views

GHSA-93MQ-9FFX-83M2 Memory Exhaustion in Expr Parser with Unrestricted Input

Impact If the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios where input size isn’t limited, a malicious or inadvertent extremely large expression c...

CVSS 7.5, AI score 6.4, EPSS 0.00095
Exploits 0, References 5
OSV
added 2025/03/17 2:15 p.m., 1 view

AZL-58848 CVE-2025-29786 affecting package coredns for versions less than 1.11.1-18

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

CVSS 7.5, AI score 7, EPSS 0.00095
Exploits 0, References 1
Debian CVE
added 2025/03/17 1:15 p.m., 11 views

CVE-2025-29786

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

CVSS 7.5, AI score 7.2, EPSS 0.00095
Exploits 0
CVE
added 2025/03/17 1:15 p.m., 276 views

CVE-2025-29786

CVE-2025-29786 concerns the Expr expression parser (Go). Prior to 1.17.0, unbounded input can cause the parser to build an excessively large AST, leading to high memory usage or an OOM crash. The issue is mitigated by a patch in 1.17.0 that enforces node budget and memory limits during parsing. R...

CVSS 7.5, AI score 6.7, EPSS 0.00095
Exploits 0, References 3
OSV
added 2024/04/30 12:1 a.m., 4 views

OSV-2024-335 Security exception in org.springframework.expression.spel.standard.InternalSpelExpressionParser.eatExp

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=67978 Crash type: Security exception Crash state: org.springframework.expression.spel.standard.InternalSpelExpressionParser.eatExp java.base/java.nio.charset.CharsetEncoder.replaceWith java.base/java.nio.charset.CharsetEncoder...

AI score 7.1
Exploits 0, References 1
SUSE CVE
added 2023/02/15 6:10 a.m., 2 views

SUSE CVE-2007-4772

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service infinite loop via a crafted regular expression...

CVSS 4, AI score 6.8, EPSS 0.00357
Exploits 1, References 9