Количество 2
Количество 2
CVE-2026-25142
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not properly restrict __lookupGetter__ which can be used to obtain prototypes, which can be used for escaping the sandbox / remote code execution. This vulnerability is fixed in 0.8.27.
GHSA-9p4w-fq8m-2hp7
SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCE
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-25142 SandboxJS is a JavaScript sandboxing library. Prior to 0.8.27, SanboxJS does not properly restrict __lookupGetter__ which can be used to obtain prototypes, which can be used for escaping the sandbox / remote code execution. This vulnerability is fixed in 0.8.27. | CVSS3: 10 | 0% Низкий | 6 дней назад |
| GHSA-9p4w-fq8m-2hp7 SandboxJS Vulnerable to Prototype Pollution -> Sandbox Escape -> RCE | CVSS3: 10 | 0% Низкий | 6 дней назад |
Уязвимостей на страницу