Lucene search
K

4 matches found

Snyk
Snyk
added 2026/05/29 5:50 p.m.11 views

Improper Control of Dynamically-Managed Code Resources

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the NodeVM constructor in lib/nodevm.js. An attacker can obtain host code execution by...

10CVSS6.2AI score0.00382EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/29 5:50 p.m.8 views

Improper Control of Dynamically-Managed Code Resources

Overview org.webjars.npm:vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources through the NodeVM constructor in lib/nodevm.js. An attacker can obtain host...

10CVSS6.2AI score0.00382EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/07 5:13 a.m.10 views

Improper Isolation or Compartmentalization

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization through the NodeVM constructor in lib/nodevm.js. An attacker can run host commands when the VM is set up...

9.2CVSS6.3AI score0.009EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/03/01 12:0 a.m.1 views

Quantifying Frontier LLM Capabilities for Container Sandbox Escape

Large language models LLMs increasingly act as autonomous agents, using tools to execute code, read and write files, and access networks, creating novel security risks. To mitigate these risks, agents are commonly deployed and evaluated in isolated "sandbox" environments, often implemented using...

6AI score
Exploits0
Rows per page
Query Builder