Tag: JavaScript Sandbox Library

Vm2 Patches Critical Remote Code Execution Vulnerabilities in JavaScript Sandbox Library (CVE-2023-30547 and CVE-2023-29199)

Posted by Author Diksha Ojha on Posted on

Two critical vulnerabilities affecting its JavaScript Sandbox Library are addressed by vm2. Both the vulnerabilities CVE-2023-29199 and CVE-2023-30547 are given a CVSS score of 9.8. Successful exploitation of these vulnerabilities may allow an attacker to perform remote code execution. Seung Hyun Lee) of KAIST Hacking Lab has discovered the vulnerabilities and released proof-of-concept (PoC) (CVE-2023-29199 … Continue reading “Vm2 Patches Critical Remote Code Execution Vulnerabilities in JavaScript Sandbox Library (CVE-2023-30547 and CVE-2023-29199)”

vm2 JavaScript Sandbox Library Remote Code Execution Vulnerability (CVE-2023-29017)

Posted by Author Diksha Ojha on Posted on

vm2 has released a patch for a critical severity vulnerability (CVE-2023-29017) with a CVSS score of 9.8. Korea Advanced Institute of Science and Technology (KAIST) WSP Lab has discovered the vulnerability. The vulnerability originates from improper input handling of host objects.     A proof-of-concept exploit has been made public on GitHub, explaining the severity and … Continue reading “vm2 JavaScript Sandbox Library Remote Code Execution Vulnerability (CVE-2023-29017)”