CNNVD-202602-952 Information

CNNVD ID

CNNVD-202602-952

Related CVE

CVE-2026-25587

• CNNVD Published: 2026-02-06

Description (Chinese)

SandboxJS是nyariv个人开发者的一个安全评估软件。 SandboxJS 0.8.29之前版本存在安全漏洞，该漏洞源于通过覆盖Map.prototype.has可导致沙箱逃逸。

Description (English)

SandboxJS is a security assessment software for the neyariv personal developer. The previous version of SandboxJS 0.8.29 had a security loophole, which originated from a sandbox that could escape by covering Map.prototype.has.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/nyariv/SandboxJS/commit/67cb186c41c78c51464f70405504e8ef0a6e43c3 https://github.com/nyariv/SandboxJS/security/advisories/GHSA-66h4-qj4x-38xp https://access.redhat.com/security/cve/cve-2026-25587

Patch

https://github.com/nyariv/SandboxJS/releases