2 matches found
CVE-2024-34347
@hoppscotch/cli is a CLI to run Hoppscotch Test Scripts in CI environments. Prior to 0.8.0, the @hoppscotch/js-sandbox package provides a Javascript sandbox that uses the Node.js vm module. However, the vm module is not safe for sandboxing untrusted Javascript code. This is because code inside th...
CVE-2024-34347
creationtimestamp| type| source ---|---|--- 2024-04-22 16:08:41+00:00| published-proof-of-concept| https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qmmm-73r2-f8xr...