Описание
op_panic in the base runtime can force a panic in the runtime's containing thread
Affected versions use deno_core releases that expose Deno.core.ops.op_panic to the JS runtime in the base core
This function when called triggers a manual panic in the thread containing the runtime, breaking sandboxing
It can be fixed by stubbing out the exposed op:
Deno.core.ops.op_panic = (msg) => { throw new Error(msg) };
Пакеты
Наименование
js-sandbox
rust
Затронутые версииВерсия исправления
<= 0.1.6
Отсутствует