#SandboxSecurity

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover

by

April 30, 2024 at 01:33PM Three critical-severity vulnerabilities in the Judge0 open source service enable sandbox escapes and complete host machine takeovers. The flaws impact versions before 1.13.1 and can lead to code execution outside the sandbox, privilege escalation, and full system access. While version 1.13.1 addresses the issues, the potential for exploitation via other … Read more

Google Adds V8 Sandbox to Chrome

by

April 8, 2024 at 07:36AM Google has introduced a new sandbox to combat memory safety bugs in its Chrome V8 engine. The tech giant also included it in the bug bounty program, aiming to enhance the browser’s security. This update was featured on SecurityWeek. Based on the meeting notes, it appears that Google is implementing … Read more