The vulnerability of the js2py.disable_pyimport() function in the js2py library allows a hacker to bypass the sandbox protection and execute arbitrary code.

The vulnerability of the js2py.disablepyimport function in the js2py library is related to improper code generation management. Exploiting this vulnerability could allow a remote attacker to bypass the sandbox’s security mechanisms and execute arbitrary code by sending specially crafted API calls...

Js2Py Code Execution Vulnerability

Js2Py is a library from the Python Foundation. It is used to convert JavaScript to Python code. A code execution vulnerability exists in Js2Py version 0.74 and earlier, which can be exploited by an attacker to execute arbitrary code via a crafted API call...

PT-2024-4746

Name of the Vulnerable Software and Affected Versions js2py versions prior to 0.74 python-Js2Py versions prior to 0.74-3.1 openSUSE Tumbleweed pyload-ng versions less than or equal to 0.5.0b3.dev85 when used with Python 3.11 or below Description A sandbox escape issue exists in the js2py.disable...

pyLoad js2py Python Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/stopwatch' class MetasploitModule 'pyLoad js2py Python Execution', 'Description' = %q pyLoad versions prior to 0.5.0b3.dev31 are vulnerable to Python code...