Researchers Discover Critical Remote Code Execution Flaw in vm2 Sandbox Library

April 9, 2023

The maintainers of the vm2 JavaScript sandbox module have shipped a patch to address a critical flaw that could be abused to break out of security boundaries and execute arbitrary shellcode.
The flaw, which affects all versions, including and prior to 3.9.14, was reported by researchers from South Korea-based KAIST WSP Lab on April 6, 2023, prompting vm2 to release a fix with version 3.9.15 on

Article posted by: https://thehackernews.com/2023/04/researchers-discover-critical-remote.html
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.