Skip to content

v3.11.2

Choose a tag to compare

@patriksimek patriksimek released this 03 May 21:33

What's Changed

Security fixes

  • GHSA-9vg3-4rfj-wgcm — Sandbox-realm null-proto write-through via bridge.from() set trap (RCE)
  • GHSA-2cm2-m3w5-gp2f — Internal state reachable via computed-key access on globalThis
  • GHSA-9qj6-qjgg-37qq — Bridge saved-state leak via sandbox-installed Array.prototype[N] setter (RCE)

Documentation

  • docs/ATTACKS.md updated through Category 28, plus a new Defense Invariant
    ("Bridge-internal containers must not invoke sandbox code").

Full Changelog: v3.11.1...v3.11.2