CVE-2025-13204 in expr-eval
요약
\~에 의해 MITRE • 2025. 11. 14.
npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.