Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they use it in their applications. vm2 Javascript sandbox library vm2 is the most popular Javascript sandbox library, with around 17.5 million monthly downloads. It provides a commonly used software testing framework capable of running untrusted … More
The post Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: