Vulnerabilities
Critical vulnerability puts vm2 JavaScript sandbox environments at risk of remote code execution attack
Key takeaway: “Although sandboxes are meant to run untrusted code within your application, you shouldn’t automatically assume that they are safe.”—Oxeye [260 words] What: Organizations using JavaScript sandbox vm2 should immediately update to version 3.9.11 of vm2. Why: A critical vulnerability (CVE-2022-36067) exists in all previous versions of vm2 that gives remote attackers a way […]
Read More