CVE-2025-43330: breaking out of a sandbox using font files bsssq.xyz 3 points by faxmeyourcode 5 hours ago
faxmeyourcode 4 hours ago I am not the author of this post. The exploration of the scheme based sandbox permissions DSL was interesting to me. It's a classic issue of a custom parser with bad input validation. bsssq 2 hours ago thanks for sharing! yes, it's a textbook vulnerability that was really quite trivial to exploit. faxmeyourcode 2 hours ago It was a fun read - digestible for those of us without a ton of experience in advanced security background knowledge.
bsssq 2 hours ago thanks for sharing! yes, it's a textbook vulnerability that was really quite trivial to exploit. faxmeyourcode 2 hours ago It was a fun read - digestible for those of us without a ton of experience in advanced security background knowledge.
faxmeyourcode 2 hours ago It was a fun read - digestible for those of us without a ton of experience in advanced security background knowledge.
I am not the author of this post. The exploration of the scheme based sandbox permissions DSL was interesting to me. It's a classic issue of a custom parser with bad input validation.
thanks for sharing! yes, it's a textbook vulnerability that was really quite trivial to exploit.
It was a fun read - digestible for those of us without a ton of experience in advanced security background knowledge.