all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers disclose critical sandbox escape bug in vm2 sandbox library

Add to bookmarks
April 9, 2023, 8:34 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode. vm2 is a sandbox that can run untrusted code in an isolated context […]


The post Researchers disclose critical sandbox escape bug in vm2 sandbox library appeared first on Security Affairs.

breaking news bug code code execution context critical critical vulnerability cve cvss developers development escape exploited hacking information security news it information security javascript library pierluigi paganini remote code remote code execution researchers run sandbox sandbox escape score security shellcode team untrusted vm2 vulnerability

Visit resource

More from securityaffairs.co / Security Affairs

ZLoader Malware adds Zeus’s anti-analysis feature an hour ago | securityaffairs.co
algorithm analysis anti-analysis authors +23
Ukrainian REvil gang member sentenced to 13 years in prison 16 hours ago | securityaffairs.co
breaking news cyber crime cybercrime digital id +17
Pro-Russia hackers target critical infrastructure in North America and Europe 17 hours ago | securityaffairs.co
agency america breaking news bureau +49
HPE Aruba Networking addressed four critical ArubaOS RCE flaws 19 hours ago | securityaffairs.co
april aruba arubaos breaking news +26
Threat actors hacked the Dropbox Sign production environment 23 hours ago | securityaffairs.co
access addresses authentication breached +24
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog 1 day, 2 hours ago | securityaffairs.co
access access control agency breaking news +28
Panda Restaurant Group disclosed a data breach 1 day, 6 hours ago | securityaffairs.co
breach breaking news cyber crime cybercrime +14
Ex-NSA employee sentenced to 262 months for attempting to transfer classified documents to Russia 1 day, 18 hours ago | securityaffairs.co
agency breaking news classified colorado +16
Cuttlefish malware targets enterprise-grade SOHO routers 1 day, 19 hours ago | securityaffairs.co
authentication black lotus black lotus labs cloud +26

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs