CVE-2019-10769

safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError...

CVE-2019-10769

safer-eval is a npm package to sandbox the he evaluation of code used within the eval function. Affected versions of this package are vulnerable to Arbitrary Code Execution via generating a RangeError...

Sandbox Breakout

Overview Versions of realms-shim prior to 1.2.0 are vulnerable to a Sandbox Breakout. The package's core evaluator, which must switch between "unsafe mode" and "safe mode" for each call, could be left in "unsafe mode" if an attacker is able to force a RangeError in a specific timeframe. This woul...

Chrome Universal XSS using stack overflow exceptions (CVE-2015-1303)

VULNERABILITY DETAILS When the maximum call stack size is exceeded, a RangeError object is created using isolate's current context. Thus, if a cross-origin context had been entered through the V8WrapperInstantiationScope constructor, for example, a cross-origin exception will be propagated to the...