4 matches found
CVE-2019-10759
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code...
@pl-test/c (>=1.1.0 <=1.1.1), @pl-test/e (=1.1.0) potentially affected by CVE-2019-10759 via safer-eval (=1.2.3)
safer-eval NPM version =1.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on safer-eval and may be impacted: - @pl-test/c =1.1.0, =1.1.1 - @pl-test/e =1.1.0 Source cves: CVE-2019-10759 Source advisory: OSV:GHSA-R3X4-WR4H-PW33...
CVE-2019-10759
safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code...
CVE-2019-10759
The CVE-2019-10759 issue affects safer-eval prior to 1.3.4. A payload leveraging constructor properties can escape the sandbox and execute arbitrary code, giving an attacker arbitrary code execution. Documented impact is high for remote code execution with network access and no user interaction r...