vm2 - CVE CyberSecurity Database News

May 15, 2023 Exploit patriksimek vm2

CVE-2023-32314: vm2 Sandbox Escape Vulnerability Leads to Remote Code Execution

A critical vulnerability, CVE-2023-32314, exists in the vm2 sandbox, which is commonly used in Node.js applications to run untrusted code in a secure environment.

Apr 17, 2023 Exploit patriksimek vm2

CVE-2023-30547: Critical Vulnerability in vm2 Sandbox Allows Attackers to Escape and Execute Arbitrary Code

The vm2 sandbox is a popular tool in the Node.js ecosystem that allows developers to safely run untrusted code by utilizing whitelisted Node'

Apr 14, 2023 Exploit patriksimek vm2

CVE-2023-29199 - VM2 Vulnerability in Source Code Transformer Allows Sandbox Escape and Arbitrary Code Execution

A recently discovered security vulnerability, identified as CVE-2023-29199, has been found in the source code transformer of vm2 library for versions up to 3.9.

Apr 6, 2023 Exploit patriksimek vm2

CVE-2023-29017 - vm2 Sandbox Escape via Error.prepareStackTrace Bypass Leading to Remote Code Execution

vm2 is a popular sandbox for running untrusted JavaScript code with whitelisted Node.js built-in modules. It comes with many useful features and checks to