2 matches found
GHSA-WXHW-J4HC-FMQ6 SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Summary A sandbox escape vulnerability due to AsyncFunction not being isolated in SandboxFunction Details The library attempts to sandbox code execution by replacing the global Function constructor with a safe, sandboxed version SandboxFunction. This is handled in utils.ts by mapping Function to...
SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Summary A sandbox escape vulnerability due to AsyncFunction not being isolated in SandboxFunction Details The library attempts to sandbox code execution by replacing the global Function constructor with a safe, sandboxed version SandboxFunction. This is handled in utils.ts by mapping Function to...