
4 matches found

OSV
added 2020/09/04 3:2 p.m., 11 views

GHSA-3GPC-W23C-W59W Sandbox Breakout / Arbitrary Code Execution in pitboss-ng

All versions of pitboss-ng are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through this.constructor.constructor. This may allow attackers to execute arbitrary code in the system. Evaluating the payload...

8.3 AI score
Exploits: 0, References: 1
vulnersOsv
added 2020/09/04 3:2 p.m., 1 views

dredd (>=0.5.1 <=5.4.6), dredd-bench (>=0.1.0 <=0.2.1) potentially affected by unknown CVE via pitboss-ng (=0.3.3)

pitboss-ng NPM version =0.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on pitboss-ng and may be impacted: - dredd =0.5.1, =0.1.0, =0.2.1 Source cves: unknown CVE Source advisory: OSV:GHSA-3GPC-W23C-W59W...

5.8 AI score
Exploits: 0
Github Security Blog
added 2020/09/04 3:2 p.m., 18 views

Sandbox Breakout / Arbitrary Code Execution in pitboss-ng

All versions of pitboss-ng are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through this.constructor.constructor. This may allow attackers to execute arbitrary code in the system. Evaluating the payload...

5.5 AI score
Exploits: 0, References: 2, Affected Software: 1
Node.js
added 2019/11/14 9:21 p.m., 16 views

Sandbox Breakout / Arbitrary Code Execution

Overview: Versions of pitboss-ng prior to 2.0.0 are vulnerable to Sandbox Escape leading to Remote Code Execution. The package fails to restrict access to the main context through this.constructor.constructor. This may allow attackers to execute arbitrary code in the system. Evaluating the payloa...

8.1 AI score
Exploits: 0, Affected Software: 1