CVE-2023-29017

Exploit

EPSS 78.06%
Veröffentlicht 06.04.2023 20:15:08
Zuletzt bearbeitet 21.11.2024 07:56:24
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Prior to version 3.9.15, vm2 was not properly handling host objects passed to `Error.prepareStackTrace` in case of unhandled async errors. A threat actor could bypass the sandbox protections to gain remote code execution rights on the host running the sandbox. This vulnerability was patched in the release of version 3.9.15 of vm2. There are no known workarounds.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Vm2 Project ≫ Vm2 SwPlatformnode.js Version < 3.9.15

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	78.06%	0.99

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
security-advisories@github.com	10	3.9	6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-913 Improper Control of Dynamically-Managed Code Resources

The product does not properly restrict reading from or writing to dynamically-managed code resources such as variables, objects, classes, attributes, functions, or executable instructions or statements.

https://gist.github.com/seongil-wi/2a44e082001b959bfe304b62121fb76d

Exploit

https://github.com/patriksimek/vm2/commit/d534e5785f38307b70d3aac1945260a261a94d50

Patch

https://github.com/patriksimek/vm2/issues/515

Exploit

Issue Tracking

https://github.com/patriksimek/vm2/security/advisories/GHSA-7jxr-cg7f-gpgv

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-29017

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29017

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29017

EUVD