Critical Vulnerability in VM2 Sandbox Found Affecting Spotify Portal Platform Backstage

Spotify Backstage, an open-source platform used to build developer portals and in use at a number of large companies, has been found vulnerable to a critical remote code execution vulnerability. Confirming that most vulnerabilities are found in indirect dependencies, the Backstage vulnerability is enabled by another vulnerability found in its JavaScript VM2 sandbox dependency.

Read full article on InfoQ

 


Date:

Categorie(s):