A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system. [...]
Critical vm2 sandbox bug lets attackers execute code on hosts
Résumé + lien vers la source. Sans paywall, sans tracking.