Количество 2
Количество 2
CVE-2025-13204
3 месяца назад
npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue.
CVSS3: 7.3
EPSS: Низкий
GHSA-8gw3-rxh4-v6jx
3 месяца назад
expr-eval vulnerable to Prototype Pollution
CVSS3: 7.3
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-13204 npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue. | CVSS3: 7.3 | 0% Низкий | 3 месяца назад |
| GHSA-8gw3-rxh4-v6jx expr-eval vulnerable to Prototype Pollution | CVSS3: 7.3 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу
20