JSONPath-Plus
diff --git a/‎CHANGES.md
Lines changed: 4 additions & 0 deletions b/‎CHANGES.md
Lines changed: 4 additions & 0 deletions
diff --git a/‎dist/index-browser-esm.js
Lines changed: 3 additions & 0 deletions b/‎dist/index-browser-esm.js
Lines changed: 3 additions & 0 deletions
diff --git a/‎dist/index-browser-esm.min.js
Lines changed: 1 addition & 1 deletion b/‎dist/index-browser-esm.min.js
Lines changed: 1 addition & 1 deletion
diff --git a/‎dist/index-browser-esm.min.js.map
Lines changed: 1 addition & 1 deletion b/‎dist/index-browser-esm.min.js.map
Lines changed: 1 addition & 1 deletion
diff --git a/‎dist/index-browser-umd.cjs
Lines changed: 3 additions & 0 deletions b/‎dist/index-browser-umd.cjs
Lines changed: 3 additions & 0 deletions
diff --git a/‎dist/index-browser-umd.min.cjs
Lines changed: 1 addition & 1 deletion b/‎dist/index-browser-umd.min.cjs
Lines changed: 1 addition & 1 deletion
diff --git a/‎dist/index-browser-umd.min.cjs.map
Lines changed: 1 addition & 1 deletion b/‎dist/index-browser-umd.min.cjs.map
Lines changed: 1 addition & 1 deletion
diff --git a/‎dist/index-node-cjs.cjs
Lines changed: 3 additions & 0 deletions b/‎dist/index-node-cjs.cjs
Lines changed: 3 additions & 0 deletions
diff --git a/‎dist/index-node-esm.js
Lines changed: 3 additions & 0 deletions b/‎dist/index-node-esm.js
Lines changed: 3 additions & 0 deletions
diff --git a/‎package.json
Lines changed: 1 addition & 1 deletion b/‎package.json
Lines changed: 1 addition & 1 deletion
@@ -1,5 +1,9 @@
 # CHANGES for jsonpath-plus
 
+## 10.0.4
+
+- fix(security): further prevent binding of Function calls which may evade detection
+
 ## 10.0.3
 
 - fix(security): prevent binding of Function calls which may evade detection
 
@@ -1325,6 +1325,9 @@ const SafeEval = {
     if (func === Function) {
       throw new Error('Function constructor is disabled');
     }
+    if (func.toString() === 'function () { [native code] }') {
+      throw new Error('Native functions are disabled');
+    }
     return func(...args);
   },
   evalAssignmentExpression(ast, subs) {
 
@@ -1331,6 +1331,9 @@
 	    if (func === Function) {
 	      throw new Error('Function constructor is disabled');
 	    }
+	    if (func.toString() === 'function () { [native code] }') {
+	      throw new Error('Native functions are disabled');
+	    }
 	    return func(...args);
 	  },
 	  evalAssignmentExpression(ast, subs) {
 
@@ -1326,6 +1326,9 @@ const SafeEval = {
     if (func === Function) {
       throw new Error('Function constructor is disabled');
     }
+    if (func.toString() === 'function () { [native code] }') {
+      throw new Error('Native functions are disabled');
+    }
     return func(...args);
   },
   evalAssignmentExpression(ast, subs) {
 
@@ -1324,6 +1324,9 @@ const SafeEval = {
     if (func === Function) {
       throw new Error('Function constructor is disabled');
     }
+    if (func.toString() === 'function () { [native code] }') {
+      throw new Error('Native functions are disabled');
+    }
     return func(...args);
   },
   evalAssignmentExpression(ast, subs) {
 
@@ -1,7 +1,7 @@
 {
   "author": "Stefan Goessner",
   "name": "jsonpath-plus",
-  "version": "10.0.3",
+  "version": "10.0.4",
   "type": "module",
   "bin": {
     "jsonpath": "./bin/jsonpath-cli.js",
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"author": "Stefan Goessner",`
`3`	`3`	`"name": "jsonpath-plus",`
`4`		`- "version": "10.0.3",`
	`4`	`+ "version": "10.0.4",`
`5`	`5`	`"type": "module",`
`6`	`6`	`"bin": {`
`7`	`7`	`"jsonpath": "./bin/jsonpath-cli.js",`