CVE-2025-13204
Description
npm package expr-eval is vulnerable to Prototype Pollution. An attacker with access to the express eval interface can use the JavaScript prototype-based inheritance model to achieve arbitrary code execution. The npm expr-eval-fork package resolves this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
The `expr-eval` npm package is vulnerable to prototype pollution, allowing an attacker to achieve arbitrary code execution via the expression evaluation interface.
Vulnerability Analysis
The expr-eval npm package, a mathematical expression evaluator for JavaScript, is susceptible to a Prototype Pollution vulnerability (CVE-2025-13204). By exploiting JavaScript’s prototype-based inheritance model, an attacker can inject properties into the global Object.prototype through crafted expressions. The root cause lies in how the parser handles user-supplied variables during expression evaluation, which does not adequately prevent modification of built-in prototypes [1][2][3].
Attack Vector & Prerequisites
An attacker must have network access to an application that uses expr-eval to evaluate untrusted expressions via the Express JS interface. No special authentication is required if the vulnerable endpoint is publicly exposed. By providing a malicious expression containing special property assignments (e.g., __proto__), the attacker can pollute the global prototype chain. This can be triggered through the evaluate method or the simplify method when passing variables [1][2][3].
Impact
Successful exploitation leads to arbitrary code execution in the context of the Node.js application. Prototype Pollution can alter the behavior of all objects in the runtime, enabling attacks such as command injection, server-side request forgery (SSRF), or further privilege escalation. The CVSS score indicates high severity due to the combination of network attack vector and the potential for full system compromise [3].
Mitigation
The vulnerability is not patched in the original expr-eval package. The recommended fix is to migrate to the forked package expr-eval-fork, which includes the security commit that was never released to npm [1][2]. Users should update their package.json dependencies accordingly and audit any applications that evaluate user-supplied expressions.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
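As an added illustration (not code from expr-eval or expr-eval-fork), the block below compares the denylist regex exactly as it appears in the fix commit against an anchored version, and shows a hypothetical hardened variable resolver that never walks the prototype chain. `resolveVariable` and `resolveVariableUnsafe` are assumed names for this example, not the library's API.

```javascript
// Regex exactly as it appears in the fix hunk. Because '|' binds loosest,
// it reads as: starts with "__proto__" OR contains "prototype" anywhere
// OR ends with "constructor".
const PATCH_DENY = /^__proto__|prototype|constructor$/;

// Anchored and grouped: rejects exactly these three names and nothing else.
const ANCHORED_DENY = /^(__proto__|prototype|constructor)$/;

function isDeniedByPatchRegex(name) {
  return PATCH_DENY.test(name);
}

function isDeniedByAnchoredRegex(name) {
  return ANCHORED_DENY.test(name);
}

// Hypothetical hardened resolver (assumed design, not expr-eval's code).
// User-supplied values are copied into a null-prototype object so a lookup
// can never reach Object.prototype, and only own properties are returned.
// A denied name is refused outright; an absent name yields undefined.
function resolveVariable(name, values) {
  if (isDeniedByAnchoredRegex(name)) {
    throw new Error(`prototype access detected: ${name}`);
  }
  const safe = Object.assign(Object.create(null), values);
  return Object.prototype.hasOwnProperty.call(safe, name) ? safe[name] : undefined;
}

// Contrast: the lookup pattern the hunk guards (`name in obj` followed by
// obj[name]). Both `in` and plain property access walk the prototype chain,
// so a name that is not an own property of `values` can still resolve to
// an inherited built-in such as Object.prototype.toString.
function resolveVariableUnsafe(name, values) {
  return name in values ? values[name] : undefined;
}
```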
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| expr-eval (npm) | <= 2.0.2 | — |
| expr-eval-fork (npm) | < 2.0.2 | 2.0.2 |
Affected products
- silentmatt/expr-eval
Patches
6e889e0e75c5: Merge pull request #252 from 418sec/1-npm-expr-eval
1 file changed · +3 −0
src/evaluate.js+3 −0 modified@@ -41,6 +41,9 @@ export default function evaluate(tokens, expr, values) { nstack.push(f(resolveExpression(n1, values), resolveExpression(n2, values), resolveExpression(n3, values))); } } else if (type === IVAR) { + if (/^__proto__|prototype|constructor$/.test(item.value)) { + throw new Error('prototype access detected'); + } if (item.value in expr.functions) { nstack.push(expr.functions[item.value]); } else if (item.value in expr.unaryOps && expr.parser.isOperatorEnabled(item.value)) {
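Review bot: the denylist regex `/^__proto__|prototype|constructor$/` in the new IVAR check is missing a group, so the alternation reads as "starts with `__proto__`, or contains `prototype` anywhere, or ends with `constructor`": a legitimate variable such as `prototypeCount` is now rejected with 'prototype access detected', while only `__proto__` is anchored at the start and only `constructor` at the end. Suggest `/^(__proto__|prototype|constructor)$/` so exactly those three identifiers are refused. The check is also added only to the `type === IVAR` branch; the other branches of `evaluate` are outside this hunk, so confirm that every path which tests a user-controlled name with `in` (as `item.value in expr.functions` does here, and `in` walks the prototype chain) is covered by the same test.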
6c475a118643: Fix prototype pollution
1 file changed · +3 −0
src/evaluate.js+3 −0 modified@@ -41,6 +41,9 @@ export default function evaluate(tokens, expr, values) { nstack.push(f(resolveExpression(n1, values), resolveExpression(n2, values), resolveExpression(n3, values))); } } else if (type === IVAR) { + if (/^__proto__|prototype|constructor$/.test(item.value)) { + throw new Error('prototype access detected'); + } if (item.value in expr.functions) { nstack.push(expr.functions[item.value]); } else if (item.value in expr.unaryOps && expr.parser.isOperatorEnabled(item.value)) {
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
- github.com/silentmatt/expr-eval/pull/252/files (GHSA; patch)
- github.com/vladko312/extras/blob/f549d505af300fd74a01b46fab2102990ff1c14d/expr-eval.py (GHSA; exploit)
- github.com/advisories/GHSA-8gw3-rxh4-v6jx (GHSA; advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-13204 (GHSA; advisory)
- www.huntr.dev/bounties/1-npm-expr-eval/ (MITRE; third-party advisory)
- github.com/SECCON/SECCON2022_final_CTF/blob/main/jeopardy/web/babybox/solver/solver.py (GHSA; web)
- github.com/jorenbroekema/expr-eval/commit/6c475a118643ae0efe012de283e932fb8b74324b (GHSA; web)
- github.com/silentmatt/expr-eval/commit/6e889e0e75c50ac37d70c35388602025650e0c50 (GHSA; web)
- www.huntr.dev/bounties/1-npm-expr-eval (GHSA; web)
- www.npmjs.com/package/expr-eval-fork (GHSA; web)
News mentions
No linked articles in our index yet.