CNNVD-202507-3917 Information

CNNVD ID

CNNVD-202507-3917

Related CVE

CVE-2025-34146

• CNNVD Published: 2025-07-31

Description (Chinese)

SandboxJS是nyariv个人开发者的一个安全评估软件。 SandboxJS 0.8.23及之前版本存在安全漏洞，该漏洞源于原型污染，可能导致拒绝服务或逃逸沙箱环境。

Description (English)

SandboxJS is a security assessment software for the neyariv personal developer. The Sandbox JS 0.8.23 and previous versions contained a security loophole that originated in prototype contamination and could lead to denial of services or escape from the sandbox environment.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-07-31

Last Modified

2026-02-24

References

https://gist.github.com/Hagrid29/9df27829a491080f923c4f6b8518d7e3 https://github.com/nyariv/SandboxJS/issues/31 https://www.npmjs.com/package/@nyariv/sandboxjs https://www.vulncheck.com/advisories/nyariv-sandboxjs-prototype-pollution-sandbox-escape-dos

Patch

https://github.com/nyariv/SandboxJS/releases