BETAmodules.com is in beta — open to partnerships & joint ventures.Build with us
modules.com
⌘K

expr-eval

v2.0.2npm· JavaScript

Mathematical expression evaluator

The verdict
Has 2 high-severity advisories. Verify a patched version exists before using. Check the OSV link for the fixed-in version.
Check the OSV link for the fixed-in version.
Live from the npm registry · derived rules, not AI
How it scores
MaintenanceAbandoned
PopularityRising
Security2 advisories
LicensePermissive
DepsZero deps
Maintenance
Last published 6 years ago.
Popularity
469K downloads / week
Security
2 known advisories (worst: high severity).
License
MIT
Dependencies
No runtime dependencies
Security advisories
Live from OSV.dev · cached 24h
  • HIGH
    expr-eval vulnerable to Prototype Pollution
    GHSA-8gw3-rxh4-v6jx Published 2025-11-14
  • HIGH
    expr-eval does not restrict functions passed to the evaluate function
    GHSA-jc85-fpwf-qm7x Published 2025-11-05
Recent releases
  • 2.0.26 years ago
  • 2.0.16 years ago
  • 2.0.06 years ago
  • 1.2.36 years ago
  • 1.2.27 years ago
  • 1.2.18 years ago
  • 1.2.08 years ago
  • 1.1.18 years ago