Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.3
CVE-2019-10761
- EPSS 0.82%
- Veröffentlicht 13.07.2022 09:15:08
- Zuletzt bearbeitet 21.11.2024 04:19:52
This affects the package vm2 before 3.6.11. It is possible to trigger a RangeError exception from the host rather than the "sandboxed" context by reaching the stack call limit with an infinite recursion. The returned object is then used to reference ...
- EPSS 1.13%
- Veröffentlicht 11.02.2022 20:15:07
- Zuletzt bearbeitet 21.11.2024 05:51:49
The package vm2 before 3.9.6 are vulnerable to Sandbox Bypass via direct access to host error objects generated by node internals during generation of a stacktraces, which can lead to execution of arbitrary code on the host machine.
- EPSS 2.2%
- Veröffentlicht 18.10.2021 17:15:07
- Zuletzt bearbeitet 21.11.2024 05:51:46
This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vector, which can lead to execution of arbitrary code on the host machine.