Multiple critical sandbox-escape vulnerabilities have been disclosed in vm2, one of the most widely used Node.js sandboxing libraries, allowing attackers to escape the isolated execution environment and run arbitrary commands directly on the host system. Eleven advisories were published by maintainer patriksimek within days, covering affected versions up to 3.11.1, with patches available in VM2 […]

The post Critical vm2 Node.js Library Flaws Enable Arbitrary Code Execution Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/critical-vm2-node-js-library-flaws/