Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox,
A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine.
« A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox, » GitHub said in an advisory published on September 28, 2022.
The
« A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox, » GitHub said in an advisory published on September 28, 2022.
The
,
A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine.
« A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox, » GitHub said in an advisory published on September 28, 2022.
The
« A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox, » GitHub said in an advisory published on September 28, 2022.
The
, ,
https://thehackernews.com/2022/10/researchers-detail-critical-rce-flaw.html