Daily Archives: January 12, 2021

CVE-2020-16526

**RESERVED**https://github.com/hacksparrow/safe-eval safe-eval 0.4.1 is affected by: Sandbox Escape. The impact is: execute arbitrary code (remote). The component is: https://github.com/hacksparrow/safe-eval/blob/master/index.js. ¶¶ The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox.