139 matches found
PT-2026-6406
Summary SandboxJS does not properly restrict lookupGetter which can be used to obtain prototypes, which can be used for escaping the sandbox / remote code execution. Details https://github.com/nyariv/SandboxJS/blob/f212a38fb5a6d4bc2bc2e2466c0c011ce8d41072/src/executor.tsL368-L398 The Object...
SandboxJS 代码注入漏洞
SandboxJS is a security assessment tool developed by nyariv. Versions of SandboxJS prior to 0.8.27 contained a code injection vulnerability. This vulnerability stemmed from improper restrictions on lookupGetter, which could lead to sandbox escape or remote code execution...
SandboxJS security vulnerability
SandboxJS is a security assessment tool developed by nyariv. Versions of SandboxJS prior to 0.8.26 contained security vulnerabilities. These vulnerabilities stemmed from the lack of isolation of AsyncFunctions within SandboxFunctions, which could lead to sandbox escapes and remote code execution...
CVE-2026-23830
SandboxJS (pre-0.8.26) contains a sandbox escape where AsyncFunction (and related constructors) are not isolated in SandboxFunction. The safe-replacement map omits AsyncFunction, GeneratorFunction, and AsyncGeneratorFunction, so accessing an async function’s .constructor can yield the native host...
CVE-2026-23830
SandboxJS is a JavaScript sandboxing library. Versions prior to 0.8.26 have a sandbox escape vulnerability due to AsyncFunction not being isolated in SandboxFunction. The library attempts to sandbox code execution by replacing the global Function constructor with a safe, sandboxed version...
SandboxJS has Sandbox Escape via Unprotected AsyncFunction Constructor
Summary A sandbox escape vulnerability due to AsyncFunction not being isolated in SandboxFunction Details The library attempts to sandbox code execution by replacing the global Function constructor with a safe, sandboxed version SandboxFunction. This is handled in utils.ts by mapping Function to...
Improper Control of Dynamically-Managed Code Resources
Overview @nyariv/sandboxjs is a Javascript sandboxing library. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the AsyncFunction constructor not being properly isolated in the sandboxing function. An attacker can execute arbitrary cod...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-23830 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-23830 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15123975...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-23830 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-23830 Source advisory: OSV:GHSA-WXHW-J4HC-FMQ6...
Prototype Pollution
@nyariv/sandboxjs is vulnerable to prototype pollution. The vulnerability is due to insufficient prototype access checks in the sandbox’s executor logic, particularly when handling JavaScript function objects, which allows an attacker to inject arbitrary properties into Object.prototype...
@mieweb/wikigdrive (>=2.15.0 <=2.17.1), @nyariv/scopejs (>=0.2.0 <=0.2.2) potentially affected by CVE-2025-34146 via @nyariv/sandboxjs (>=0.5.3 <=0.8.23)
@nyariv/sandboxjs NPM version =0.5.3, =2.15.0, =0.2.0, =0.2.2 Source cves: CVE-2025-34146 Source advisory: OSV:GHSA-9QM3-6QRR-C76M...
CVE-2025-34146
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions = 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service DoS condition or, under certain conditions, escape the sandboxed environme...
CVE-2025-34146
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions = 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service DoS condition or, under certain conditions, escape the sandboxed environme...
CVE-2025-34146
CVE-2025-34146 affects @nyariv/sandboxjs
CVE-2025-34146 nyariv sandboxjs 0.8.23 Prototype Pollution Sandbox Escape DoS
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions = 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service DoS condition or, under certain conditions, escape the sandboxed environme...
CVE-2025-34146
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions = 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service DoS condition or, under certain conditions, escape the sandboxed environme...
CVE-2025-34146 nyariv sandboxjs 0.8.23 Prototype Pollution Sandbox Escape DoS
A prototype pollution vulnerability exists in @nyariv/sandboxjs versions = 0.8.23, allowing attackers to inject arbitrary properties into Object.prototype via crafted JavaScript code. This can result in a denial-of-service DoS condition or, under certain conditions, escape the sandboxed environme...
@mieweb/wikigdrive (>=2.15.0 <=2.17.1), @nyariv/scopejs (>=0.2.0 <=0.2.2) potentially affected by CVE-2025-34146 via @nyariv/sandboxjs (>=0.5.3 <=0.8.23)
@nyariv/sandboxjs NPM version =0.5.3, =2.15.0, =0.2.0, =0.2.2 Source cves: CVE-2025-34146 Source advisory: SNYK:JS-NYARIVSANDBOXJS-10361588...
Prototype Pollution
Overview @nyariv/sandboxjs is a Javascript sandboxing library. Affected versions of this package are vulnerable to Prototype Pollution which can cause a Denial of Service and potentially escape sandbox via injecting arbitrary properties. Details Prototype Pollution is a vulnerability affecting...