Описание
Sandbox Bypass Leading to Arbitrary Code Execution in constantinople
Versions of constantinople prior to 3.1.1 are vulnerable to a sandbox bypass which can lead to arbitrary code execution.
Recommendation
Update to version 3.1.1 or later.
Пакеты
Наименование
constantinople
npm
Затронутые версииВерсия исправления
< 3.1.1
3.1.1
10 Critical
CVSS3
10 Critical
CVSS3