CNNVD-202602-920 Information

CNNVD ID

CNNVD-202602-920

Related CVE

CVE-2026-25520

• CNNVD Published: 2026-02-06

Description (Chinese)

SandboxJS是nyariv个人开发者的一个安全评估软件。 SandboxJS 0.8.29之前版本存在安全漏洞，该漏洞源于函数返回值未包装，可能导致沙箱外执行任意代码。

Description (English)

SandboxJS is a security assessment software for the neyariv personal developer. The previous version of SandboxJS 0.8.29 had a security loophole, which stemmed from the unpackaged return value of the function, which could lead to the enforcement of any code outside the sandbox.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/nyariv/SandboxJS/commit/67cb186c41c78c51464f70405504e8ef0a6e43c3 https://github.com/nyariv/SandboxJS/security/advisories/GHSA-58jh-xv4v-pcx4 https://access.redhat.com/security/cve/cve-2026-25520

Patch

https://github.com/nyariv/SandboxJS/releases