all InfoSec news
Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)
Help Net Security www.helpnetsecurity.com
Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they use it in their applications. vm2 Javascript sandbox library vm2 is the most popular Javascript sandbox library, with around 17.5 million monthly downloads. It provides a commonly used software testing framework capable of running untrusted … More →
The post …
critical cve cybersecurity don't miss escape flaw github hot stuff javascript open source oxeye patch sandbox software vulnerability