Sandbox Escape Bug for safe-eval-2 #39

@lirantal

The safe-eval-2 package is a fork from several years ago that is now vulnerable to the same security bugs that were disclosed to the safe-eval package too.

There's sadly no way to open an issue in @Lucho's forked repository, but luckily the package is also not in any significant use by the community, so I'm disclosing the issue here for awareness:

  1. proof-of-concept: https://github.com/lirantal/safe-eval-2-CVE
  2. vulnerability write-up
