all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

Add to bookmarks
April 8, 2023, 5:04 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode.
The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on

address april code code execution critical critical flaw discover fix flaw javascript korea lab library maintainers patch release remote code remote code execution researchers sandbox security shellcode south south korea version vm2

Visit resource

More from thehackernews.com / The Hacker News

New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 2 hours ago | thehackernews.com
address applications business corporate +15
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources 3 hours ago | thehackernews.com
advisory agency alert cybersecurity +22
Google Announces Passkeys Adopted by Over 400 Million Accounts 6 hours ago | thehackernews.com
accounts easy fingerprint google +8
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks 8 hours ago | thehackernews.com
address aruba aruba networks arubaos +34
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw 22 hours ago | thehackernews.com
android android apps app applications +32
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 1 day ago | thehackernews.com
attacks hacker national pay +10
When is One Vulnerability Scanner Not Enough? 1 day, 2 hours ago | thehackernews.com
antivirus antivirus software benefits concept +18
Dropbox Discloses Breach of Digital Signature Service Affecting All Users 1 day, 2 hours ago | thehackernews.com
account breach breached cloud +23
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw 1 day, 2 hours ago | thehackernews.com
attackers attacks botnet called +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs