CVE-2025-43330: breaking out of a sandbox using font files (bsssq.xyz) 3 points by faxmeyourcode 10mo ago ↗ HN
[–] faxmeyourcode 10mo ago ↗ I am not the author of this post. The exploration of the scheme based sandbox permissions DSL was interesting to me. It's a classic issue of a custom parser with bad input validation.
1 comment
[ 2.5 ms ] story [ 14.0 ms ] thread