GitHub

Safely eval a JavaScript expression or statements within a scope.

It is designed as a class, so the allowed globals can be customised. build(code): builds the code into a function, without executing it. preprocess(code): preprocess ...
The Hacker News

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of all inline scripts and potentially dangerous eval-like functions for ...
techzine

Critical vulnerability exposed in JavaScript library expr-eval

A critical security vulnerability in the popular JavaScript library expr-eval allows remote code execution. The bug, with a CVSS score of 9.8, affects hundreds of projects and is forcing developers to ...
Bleeping Computer

Popular JavaScript library expr-eval vulnerable to RCE flaw

A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The ...