CVE-2019-10759 · Vexday

CVE-2019-10759

EPSS 1.8%

safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code.

Affected products

Snyk · safer-eval

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://snyk.io/vuln/SNYK-JS-SAFEREVAL-173772