Vm2, a JavaScript sandbox package that receives more than 16 million downloads each month, provides the synchronous execution of untrusted code within a single process. Security researchers at Oxeye found...

The post A critical vulnerability in vm2 Allow a Remote Attacker to Escape The Sandbox appeared first on Hacker Combat.