Unsafe use of eval()
Affecting summit package, versions >=0.1.0
summit is a node web framework.
Affected versions of this package are vulnerable to Arbitrary Command Execution via the
eval() function in the PouchDB driver. Node.js provides the
There is no fix version for
Do your applications use this vulnerable package?
- Cristian-Alexandru Staicu, Michael Pradel, Ben Livshits
- Snyk ID
- 08 Apr, 2016
- 16 Apr, 2017