Bug 2412409 (CVE-2025-12735)

Summary: CVE-2025-12735 expr-eval: CVE-2025-12735
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: urgent Docs Contact:
Priority: urgent    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A vulnerability was discovered in the expr-eval npm package, a JavaScript library used to parse and evaluate mathematical expressions. The issue allows an attacker to define arbitrary functions within the context object used by the parser's evaluate() method. By providing maliciously crafted input, an attacker can exploit this flaw to inject and execute arbitrary system-level commands on the host system. This could lead to the execution of malicious code.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2025-11-05 01:01:47 UTC 
The expr-eval library is a JavaScript expression parser and evaluator designed to safely evaluate mathematical expressions with user-defined variables. However, due to insufficient input validation, an attacker can pass a crafted variables object into the evaluate() function and trigger arbitrary code execution.