diff --git a/lib/parse.js b/lib/parse.js
index abed3c5..7cb91fc 100644
--- a/lib/parse.js
+++ b/lib/parse.js
@@ -31,7 +31,9 @@ LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-var defaultReviver, nodeTypeString, nodes, parse, syntaxErrorMessage;
+var defaultReviver, nodeTypeString, nodes, parse, parseStringLiteral, runInThisContext, syntaxErrorMessage;
+
+runInThisContext = require('vm').runInThisContext;
 
 nodes = require('coffee-script').nodes;
 
@@ -55,6 +57,10 @@ syntaxErrorMessage = function(csNode, msg) {
   return "Syntax error on line " + line + ", column " + column + ": " + msg;
 };
 
+parseStringLiteral = function(literal) {
+  return runInThisContext(literal);
+};
+
 parse = function(source, reviver) {
   var coffeeAst, contextObj, isLiteral, nodeTransforms, parsed, transformKey, transformNode;
   if (reviver == null) {
@@ -83,7 +89,7 @@ parse = function(source, reviver) {
       value = node.value;
       try {
         if (value[0] === "'") {
-          return eval(value);
+          return parseStringLiteral(value);
         } else {
           return JSON.parse(value);
         }
@@ -172,7 +178,7 @@ parse = function(source, reviver) {
         value = csNode.base.value;
         switch (value[0]) {
           case '\'':
-            return eval(value);
+            return parseStringLiteral(value);
           case '"':
             return JSON.parse(value);
           default:
diff --git a/src/parse.coffee b/src/parse.coffee
index 8a16089..ce205f9 100644
--- a/src/parse.coffee
+++ b/src/parse.coffee
@@ -30,6 +30,8 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ###
 
+{runInThisContext} = require 'vm'
+
 {nodes} = require 'coffee-script'
 
 defaultReviver = (key, value) -> value
@@ -46,6 +48,13 @@ syntaxErrorMessage = (csNode, msg) ->
   column = columnIdx + 1 if columnIdx?
   "Syntax error on line #{line}, column #{column}: #{msg}"
 
+parseStringLiteral = (literal) ->
+  # In theory this could be replaced by properly resolving
+  # escape sequences etc.
+  # We trust the coffee-script lexer to make sure it's just
+  # a strings and running it has no side effects.
+  runInThisContext literal
+
 # See:
 # http://www.ecma-international.org/ecma-262/5.1/#sec-15.12.2
 parse = (source, reviver = defaultReviver) ->
@@ -69,7 +78,7 @@ parse = (source, reviver = defaultReviver) ->
       {value} = node
       try
         if value[0] == "'"
-          eval value # we trust the lexer here
+          parseStringLiteral value
         else
           JSON.parse value
       catch err
@@ -138,7 +147,7 @@ parse = (source, reviver = defaultReviver) ->
       when 'Value'
         {value} = csNode.base
         switch value[0]
-          when '\'' then eval value # we trust the lexer here
+          when '\'' then parseStringLiteral value
           when '"' then JSON.parse value
           else value