Vulnerability Description
The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted context object, or use members of the context object, into the evaluate() function and trigger arbitrary code execution.
CVSS Score
9.8 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jorenbroekema | Javascript Expression Evaluator | 3.0.0 |
| Silentmatt | Javascript Expression Evaluator | <= 2.0.2 |
Related Weaknesses (CWE)
References
- https://github.com/advisories/GHSA-jc85-fpwf-qm7x (Third Party Advisory)
- https://github.com/jorenbroekema/expr-eval (Product)
- https://github.com/silentmatt/expr-eval (Product)
- https://github.com/silentmatt/expr-eval/pull/288 (Issue Tracking, Patch)
- https://kb.cert.org/vuls/id/263614 (Third Party Advisory)
- https://www.npmjs.com/package/expr-eval (Product)
- https://www.npmjs.com/package/expr-eval-fork (Product)
- https://www.kb.cert.org/vuls/id/263614 (Third Party Advisory)
- https://github.com/jorenbroekema/expr-eval/blob/460b820ba01c5aca6c5d84a7d4f1fa5d (Product)
FAQ
What is CVE-2025-12735?
CVE-2025-12735 is a vulnerability with a CVSS score of 9.8 (CRITICAL). The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, a...
How severe is CVE-2025-12735?
CVE-2025-12735 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-12735?
Check the References section above for vendor advisories and patch information; the pull request https://github.com/silentmatt/expr-eval/pull/288 is listed there as the patch. Affected products include: Jorenbroekema Javascript Expression Evaluator (3.0.0) and Silentmatt Javascript Expression Evaluator (<= 2.0.2).