Количество 2
Количество 2
CVE-2020-16526
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none
GHSA-8cxc-qr4w-j225
**RESERVED**https://github.com/hacksparrow/safe-eval safe-eval 0.4.1 is affected by: Sandbox Escape. The impact is: execute arbitrary code (remote). The component is: https://github.com/hacksparrow/safe-eval/blob/master/index.js. ¶¶ The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-16526 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | около 5 лет назад | ||
| GHSA-8cxc-qr4w-j225 **RESERVED**https://github.com/hacksparrow/safe-eval safe-eval 0.4.1 is affected by: Sandbox Escape. The impact is: execute arbitrary code (remote). The component is: https://github.com/hacksparrow/safe-eval/blob/master/index.js. ¶¶ The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox. | больше 3 лет назад |
Уязвимостей на страницу