Skip to content
The Nexus
SECURITYMay 7 · 04:15 UTCTHE HACKER NEWS[email protected] (The Hacker News)

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

A dozen critical security vulnerabilities have been found in the vm2 Node.js library, which could allow bad actors to escape the sandbox and execute arbitrary code on susceptible systems. The vm2 library is used to run untrusted JavaScript code inside a secure sandbox. This vulnerability puts systems using the library at risk of arbitrary code execution.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this