SECURITYTHE HACKER NEWS
vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution
A dozen critical security vulnerabilities have been found in the vm2 Node.js library, which could allow bad actors to escape the sandbox and execute arbitrary code on susceptible systems. The vm2 library is used to run untrusted JavaScript code inside a secure sandbox. This vulnerability puts systems using the library at risk of arbitrary code execution.
Mentioned