GHSA-r3x4-wr4h-pw33

Source
https://github.com/advisories/GHSA-r3x4-wr4h-pw33
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/10/GHSA-r3x4-wr4h-pw33/GHSA-r3x4-wr4h-pw33.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-r3x4-wr4h-pw33
Aliases
Published
2019-10-21T21:58:34Z
Modified
2023-11-08T04:00:55.383494Z
Severity
  • 9.9 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Sandbox Breakout / Arbitrary Code Execution in safer-eval
Details

Versions of safer-eval prior to 1.3.4 are vulnerable to a sandbox escape leading to remote code execution. Any host-realm object exposed inside the sandbox (such as console) carries a prototype chain that leads back to the host's Function constructor, so a payload that walks the constructor properties of such an object can build a function in the host realm and execute arbitrary code outside the sandbox. For example, evaluating the string console.constructor.constructor('return process')().env returns the host process's process.env object, which a REPL then prints to the console.

Recommendation

Upgrade to version 1.3.4 or later.

References

Affected packages

npm / safer-eval

Package

Affected ranges

Type
SEMVER
Events
Introduced
0 (unknown introduced version; all previous versions are affected)
Fixed
1.3.4