Advertisement
Top
image credit: Adobe Stock

Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)

October 10, 2022

Via: Help Net Security
Category:

Oxeye researchers discovered a severe vm2 vulnerability (CVE-2022-36067) that has received the maximum CVSS score of 10.0. Called SandBreak, this new vulnerability requires R&D leaders, AppSec engineers, and security professionals to ensure they immediately patch the vm2 sandbox if they use it in their applications.

vm2 Javascript sandbox library

vm2 is the most popular Javascript sandbox library, with around 17.5 million monthly downloads. It provides a commonly used software testing framework capable of running untrusted code synchronously in a single process.

Read More on Help Net Security

RELATED PUBLICATIONS

Google fixed critical Chrome vulnerability CVE-2024-4058
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Latest Publications

Google fixed critical Chrome vulnerability CVE-2024-4058
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
AI set to play key role in future phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!