A critical vulnerability in vm2 may allow a remote attacker to escape the sandbox and execute arbitrary code on the host.
A highly popular JavaScript sandbox library with more than 16 million monthly downloads, vm2 supports the execution of untrusted code synchronously in a single process.
from SecurityWeek RSS Feed https://ift.tt/XP9OzkR
via https://ifttt.com/ IFTTT
No comments:
Post a Comment