Affected versions of the package are vulnerable to Arbitrary Code Injection due to unsafe use of the
eval() function. Node.js provides the
mongoosify to version 0.0.4 or higher.
- Cristian-Alexandru Staicu, Michael Pradel, Ben Livshits
- Snyk ID
- 08 Apr, 2016
- 01 May, 2017