Breaking down the Node.js sandbox bypass CVE-2023-30587
Turns out, a lot of people want to try to safely run untrusted code, and that's hard. Pixee Engineer Matt Austin (@mattaustin) recently found a bypass of the new and experimental Node.js sandbox in versions before 20.3.1, and it just received a $3K a...
Sep 19, 20233 min read1.0K
