EUVD-2022-7480

Malicious code in bioql PyPI...

Prototype Pollution

safe-eval is vulnerable to Prototype Pollution. The vulnerability exists in safeEval in index.js due to sandbox escaping which allows an attacker to access the host error objects during the generation of a stack trace...

GHSA-HCG3-56JF-X4VH safe-eval vulnerable to Prototype Pollution via the safeEval function

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content...

safe-eval vulnerable to Prototype Pollution via the safeEval function

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content...

Design/Logic Flaw

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content...

CVE-2023-26121

CVE-2023-26121 affects the npm package safe-eval (all versions). The issue is a Prototype Pollution in the safeEval function caused by improper sanitization of its parameter content. This vulnerability is described across multiple connected sources as affecting all versions, with high/critical im...

CVE-2023-26121

All versions of the package safe-eval are vulnerable to Prototype Pollution via the safeEval function, due to improper sanitization of its parameter content...

Prototype Pollution

safe-eval is vulnerable to prototype pollution. The vulnerability exists in the safeEval function in index.js, because it allows an attacker to add or modify Object.prototype.Consolidate properties...

GHSA-33VH-7X8Q-MG35 safe-eval vulnerable to Prototype Pollution

All versions of package safe-eval are vulnerable to Prototype Pollution which allows an attacker to add or modify properties of the Object.prototype.Consolidate when using the function safeEval. This is because the function uses vm variable, leading an attacker to modify properties of the...