v3.11.2
What's Changed
Security fixes
- GHSA-9vg3-4rfj-wgcm — Sandbox-realm null-proto write-through via
bridge.from()set trap (RCE) - GHSA-2cm2-m3w5-gp2f — Internal state reachable via computed-key access on
globalThis - GHSA-9qj6-qjgg-37qq — Bridge saved-state leak via sandbox-installed
Array.prototype[N]setter (RCE)
Documentation
docs/ATTACKS.mdupdated through Category 28, plus a new Defense Invariant
("Bridge-internal containers must not invoke sandbox code").
Full Changelog: v3.11.1...v3.11.2