Prototype Pollution
Overview @nyariv/sandboxjs is a Javascript sandboxing library. Affected versions of this package are vulnerable to Prototype Pollution via prototypeAccess on a shadowed sandbox object's hasOwnProperty. An attacker can execute arbitrary code on the underlying system by bypassing the prototype...